Guidelines and Limitations of Multiple Certificate Authentication

Note	When you configure multiple certificate authentication, ensure that you set the value of AutomaticCertSelection to true in the Cisco Secure Client Profile settings.

Multiple certificate authentication currently limits the number of certificates to two.

Secure Client must indicate support for multiple certificate authentication. If that is not the case then the gateway uses one of the legacy authentication methods or fails the connection. Secure Client version 4.4.04030 or later supports Multi-Certificate based authentication.

Secure Client supports only RSA-based certificates.

Only SHA256, SHA384, and SHA512 based certificate are supported during the Secure Client aggregate authentication.

Certificate authentication cannot be combined with SAML authentication.