- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi CheckMates,
when trying to use Secure Domain Logon with certificate based authentication (E86.26 client), the Secure Domain Logon dialogue does not offer any certificate to be chosen as shown in the screenshot below:
The user certificate store contains a certificate for the user which should be authenticated and the computer certificate store contains a machine certificate.
When skipping SDL and logging in with cached credentials, and then manually establishing a VPN connection, the user's certificate is correctly fetched via CAPI and certificate authentication is successful.
Any idea on how to troubleshoot why no certificate is available in the SDL authentication dialogue?
Thanks!
CAPI certificates cannot be used for SDL.
This is in the documentation: https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN...
Is this an EPS client with TP blades ? sk146712
It is an Endpoint Security Client, yes, but the FDE blade is not installed.
So i would suggest TAC...
I don’t believe SDL is necessary for this.
See: https://community.checkpoint.com/t5/Remote-Access-VPN/How-to-Have-Remote-Access-VPN-Tunnel-Before-Us...
The machine certificate was just a test to see if I could select this certificate from the drop down list on the SDL window since I don't see the user certificate either. I do not actually want to use machine based authentication; all endpoints already have a user certificates rolled out and this should be used for authentication. IMHO this should be working since the user authenticates to Windows before the SDL window appears, therefore the personal certificate store should be accessible.
CAPI certificates cannot be used for SDL.
This is in the documentation: https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN...
Ouch, I missed this. Thanks a lot!
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY