Hi Adrian,,,, I am no cert guru but i can answer some of your questions.. 1. No. there is no link between ssl/tls profile and authentication certificate profile. we have an externally signed cert for ssl/tls and a mixture of AD corp cert and PA self signed for user auth.. 2. not sure.. usually th PA willl determine which cert can be used against what the user is offering.. in one of our cert profiles there is a few different CA's and any user cert generated by them will work.. can't really answer on the dependencies... 3. the username here is not really relevant as long as the user cert was generated by the CA, the profile will then log you in as whatever is in your field. if you set this to none then commit will fail because your cert is the only auth method. if you set this to none then you must add another auth profile.. how do you generate your certs and by what method do you distribute them?
... View more