Aug 12 2019 06:45 AM
How do you get valid client certificate to work?
What i have so far.
1. CA with Intermediate, User Certificate Template cloned for this purpose
2. Issued a cert to my domain desktop and IOS device
3. Enabled a conditional access policy for custom MCAS policy
4. Root and intermediate cert upload to MCAS
5. MCAS policy to block if there is no valid client certificate.
the block works, i get the "test block" message. but i can't get the client certificate prompt or figure out why it won't prompt for certificate.
My end goal is to test valid client certificate against a few 3rd party IOS apps where device certificate/standard device compliance checkbox doesn't work in conditional access.
Apr 22 2020 06:39 AM
Apr 22 2020 06:58 AM
thats a great find. and a cert location we rarely use.
i need to re-test now.
my second pain point with conditional access was getting it to work with native apps on mobile/IOS.
you seemed to be at the mercy of the app developer to support certificates.
Apr 22 2020 11:47 AM
Oct 13 2021 06:17 AM
Sep 26 2023 02:09 PM