https://live.paloaltonetworks.com/t5/general-topics/netconnect-certificates/m-p/30842#M22573 <HTML><HEAD></HEAD><BODY><P>Your understanding&nbsp; of how NetConnect works is incorrect.&nbsp; Those certs that you are seeing are cosigning certificates for the NetConnect client. </P></BODY></HTML> Tue, 28 Jun 2011 22:13:12 GMT dwhyte 2011-06-28T22:13:12Z https://live.paloaltonetworks.com/t5/general-topics/netconnect-certificates/m-p/30841#M22572 <HTML><HEAD></HEAD><BODY><P>I'm looking for a bit of info on how the NetConnect client uses certificates.</P><P></P><P>I have a VPN endpoint configured on my PAN firewall which is configured to use a GoDaddy Wildcard SSL certificate. When I connect to the web portal the installed certificate is valid and recognised by the browser.</P><P></P><P>When a user authenticates and the NetConnect client starts I see a number of certificate errors which require manual intervention to trust the installed certificate. Looking at the certificates the NetConnect client makes use of the smae certificate but the Starfield Technologies CA isn't installed in the NetConnect client.</P><P></P><P>My questions are:</P><P></P><P>1. Is my understanding of how the NetConnect client works correct?</P><P>2. If Q1 is correct does the NetConnect client have the Starfield Technologies CA installed?</P><P></P><P>Jason</P></BODY></HTML> Tue, 21 Jun 2011 01:49:42 GMT https://live.paloaltonetworks.com/t5/general-topics/netconnect-certificates/m-p/30841#M22572 ethiSEC 2011-06-21T01:49:42Z https://live.paloaltonetworks.com/t5/general-topics/netconnect-certificates/m-p/30842#M22573 <HTML><HEAD></HEAD><BODY><P>Your understanding&nbsp; of how NetConnect works is incorrect.&nbsp; Those certs that you are seeing are cosigning certificates for the NetConnect client. </P></BODY></HTML> Tue, 28 Jun 2011 22:13:12 GMT https://live.paloaltonetworks.com/t5/general-topics/netconnect-certificates/m-p/30842#M22573 dwhyte 2011-06-28T22:13:12Z