Author Topic: SA2500 Using an additional port to present an additional SSL certificate  (Read 1144 times)

ScottSi

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Hello, hopefully someone will be able to shed some light on this subject for me. I have an SA2500 and have the unit working fine for MachineCert authentication. I have recently created a virtual port and added a new SSL certificate to the SA2500 to be presented when the additional URL is used. I have tested from the browser and both URL's are working as i would expect, and i have also used JUNOS Pulse client on an iphone to perform the same test and all worked as expected. I can access secure.1.com and secure.2.com and be presented with the correct certificate as this method is using a username/password combination.

Using a laptop however for MachineCert authentication, it appears that when using PULSE only the certificate from the external interface is retrieved despite using the URL in the configuration to connect to the virtual port i.e. the config connects to secure.2.com but the certificate from secure.1.com is presented. If i connected to secure.1.com everything works fine. Is this correct and by design or should i be able to achieve what i am trying to do?

I want client x to use secure.1.com and client y to use secure.2.com and use MachineCert authentication.