Hi,

I am trying to configure Certificate authentication for Identity Manager 2.8 on-prem.  I have AirWatch configured to issue user certificates when they enroll their Windows 10 desktop and that is working properly.  I have the CertificateAuthAdapter configured for the worker, and set Certificate Authentication first in the access policies (web browser and windows 10 app).  When I try to authenticate with VIDM via the Workspace app on Windows 10, or via the web browser, the browser (Edge & Chrome) prompts for the certificate, which I select.  IDM then comes back with an access denied message.  I checked the connector.log on the VIDM appliance and saw the following entries..

The first two entries show up as soon as the client hits the identity manager URL:

com.vmware.horizon.adapters.certificateAdapter.CertificateAuthAdapter - SSL handshake failed

com.vmware.horizon.adapters.certificateAdapter.CertificateAuthAdapterBase - No certificates were provided by the browser

The final message comes up when I hit OK to use the certificate in the browser:

com.vmware.horizon.adapters.certificateAdapter.CertificateAuthAdapterBase - Principal name NOT found in any provided certificate(s).

Does anybody have any leads?  There is not much documentation on configuring or troubleshooting certificate auth in the manual.

Thanks!