After upgrading the Pulse Secure Desktop client 5.2R5 to 5.2R7, certificate based authentication or restriction are failing with the following error message:
Certificate Authentication scenario:
Error 1332 "Missing or invalid certificate"
Certificate Restrictions scenario:
Error 1329 "You are not allowed to sign in., long: Contact your network administrator."
In the Pulse client debug logs, following messages will be logged:
jcSelectionRule.cpp:345 - 'JamCertLib' Certificate XXXXX does not meet the required
'has EKU:ClientAuth' condition, skipping it (rank 0)
jamCert.cpp:405 - 'JamCertLib' No client certificate satisfied the minimal requirements.
JNPRClient.cpp:3987 - 'eapService' No valid client certificate found.
channelProviderImplEap.cpp:410 - 'iftProvider' EAP Authentication FAILED: Error: 1332
0x534 State: 3 0x3