globalprotect Client certificate with OID requesting users to select their certificate

KAckerman12 — Fri, 23 Jun 2023 15:48:04 GMT

I recently configured my globalprotect agent to look for a machine certificate including a specific OID to avoid a confusing selection process on devices with multiple client certificates signed by the same CA. Our original configuration started requesting users to select which certificate to use. I wanted to avoid this confusion by including an OID so globalprotect knew exactly what certificate to use. Unfortunately, the users are still prompted to choose a certificate. However, they are now asked to choose the Intermediate certificate that signs the client cert. I'm wondering if the OID must be applied to the intermediate certificate, or is it possible I'm missing something here?
6.1.1

topic globalprotect Client certificate with OID requesting users to select their certificate in GlobalProtect Discussions

globalprotect Client certificate with OID requesting users to select their certificate