Who rated this post

Who rated this post

tcleghorn
L1 Bithead

This is by design.  If you allow a user to connect using Credential OR Client Cert, we'd need a username from the client cert.

 

A workaround is to set the User Name in the Certificate Profile to using the Subject Alt Name of the Certificate.  When you generate the Machine Certificate for the Pre-Logon, do NOT put anything in the Subject Alt Name field.  This should allow both Machine Cert users (without Cookies) and non-Machine Cert users.

 

Best practice would be to set-up 2 Portals and 2 Gateways.  One with the CertProfile (for your domain trusted machines) and one without (for your contractors).

Who rated this post