Check Point RA VPN : force the use of a specific user certificate in Windows Store

May the 4th (+4)
Roadmap Session and Use Cases for
Cloud Security, SASE, and Email Security

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

Paradigm Shifts: Adventures Unleashed!
Capture Your Adventure for a Chance to WIN!

Join the Photo Contest!

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

CPX 2024 Content
is Here!

Get What You Need

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Create a Post

Hi,

Recently, we enabled the user certificate authentication method, as long with username & password. The user certificates are pushed by the Active Directory via GPO, and come from the ADCS role within our network.

This is working fine, the username field is populated automatically in Check Point Endpoint Security, and it validates the user's certificate alright.

However, some of our users have several certificates in their user store. We need to find a way to force the VPN client to use a specific certificate, based on specific criteria (regex, or else).

I found no resource on how to control which certificate is being used by the client. It seems to picks it up automatically.

Anybody have an idea on how we can achieve our goal ?

Thanks in advance.

Regards,

Antoine.