Refer to the exhibit. User student is not able to log in to SSL VPN. Given the output showing a real-time debug, which statement describes the login failure?
A.
Unable to verify chain of trust for the peer certificate.
B.
CN does not match the user peer configuration.
C.
student is not part of the usergroup SSL_VPN_Users.
FortiClient validates certificates using the following industry standards:
The domain or FQDN that FortiClient is connecting to, matches the domain to which the certificate is issued.
The validation process correctly handles wildcards in the domain name in the certificate.
The validation process considers both the CN in the subject or the SAN.
The certificate expiry date is in the future. The certificate has not expired.
The certificate issuer or the root certificate in the certificate chain is from a publicly trusted CA. Trusted CAs are read from the operating system.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
d567468
12 months agolil_pc1972
1 year, 3 months ago