![]() ![]() Doing so will make it so the client is able to view all client certificates rather then just certificates issued by the CA root certificate selected. Modify the question "Which CA certificate bundle do you want to use for your advertised certificate authorities?" to none. This could mean you are not sending a certificate at all, or perhaps are not sending one that matches your allowed CA issued certs. With that said, do you see the Access policy completing successfully for both clients or only HTML? There is an option in the iApp that might help a little during certificate selection, I point this out as I noted you are not passing certificate authentication when using the horizon client. I would open a support case, as they will be able to review log files to determine at which point authentication is failing and more quickly get your environment working. I could really use some guidance on this. ![]() SAML authentication is seen for the browser connection the cert inspection from the same smartcard passes where it fails on connections from the Horizon client. The main thing is the APM log looks great. If I attempt the same exact connection through a regular web browser via HTML 5, I can authenticate to the webtop where the authentication fails to the back end (the documentation says that's what should happen and that manual login has to occur from the webtop). The horizon client will prompt for a pin and then after a second or two display "Authentication Failure." APM logs consistently show the access policy failing at the cert inspection step. Both the View server and F5 have been configured according to the companion guide for the iapp. The feature we really want to implement is using smartcard authentication with SAML 2.0 through the horizon client. Currently attempting setup with the f5.vmware_view.v1.5.1 iapp template. I am running Big IP version 12.1.0 with APM and Horizon View 7.0.1. ![]()
0 Comments
Leave a Reply. |