Hello everybody,
I have currently published several sites in Forefront TMG. The users access these sites with their smartphones (Android, iPhone). For authentication, every user has their own certificate installed on their device.
TMG is configured to request client certificates for authentication. If there is no certificate present, the TMG asks for username and password. So far so good.
The only problem I have now is that my certificates are valid for 1 year. If the certificate expires, the Forefront TMG does not fall back to basic authentication, because it still gets the certificate delivered. The users do not have any possibility to log in. It only works if they manually delete the expired certificate.
It is not a problem yet, but in some months, if somebody forgets to install a renewed cert on their device, it could lead to a situation where no login is possible.
Can I somehow configure Forefront in a way that it tries basic authentication after a certificate-based authentication failed because of expiry or revocation?
Thanks in advance
Mailer