GlobalProtect Pre-Logon Prompting for User Certificate

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect Pre-Logon Prompting for User Certificate

L3 Networker

We have GlobalProtect Pre-Logon working with machine certificates however once the user logs into their laptop they are also prompted with thier User Certificate each time. There internal CA does issue machine and user certificates. Is there a way to disallow the User certificate prompt? Do we need to also use User certificates along with machine certficicates? Verion is 10.0.7 and GP 5.2.7

PCNSC, PCNSE
3 REPLIES 3

L7 Applicator

What setting do you have in the user portal config for certificate lookup.  If both user and machine try setting to just user.

L2 Linker

You need to ensure the portal and gateway URLs are added to your trusted/Intranet sites in IE and ensure this setting is enabled.

 

rajjair_0-1635210947511.png

 

For Edge and Chrome you need to configure "AutoSelectCertificateForUrls" to avoid the pop-up

 

Microsoft Edge Browser Policy Documentation | Microsoft Docs

 

This looks similar to an issue we are seeing on our Win 11 intune build and the Hello for business cert, we have added the urls and the cert to use and are able to browse to the page in a web browser without being prompted. If we remove the WHFB cert the device does not prompt. do we need to add to the ie trusted sites and enable the dont prompt for client certificate selection?

 

Any help or advice would be much appreciated

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!