If the Pulse Secure Desktop for Linux client fails to establish a VPN tunnel and the pulsesvc.log states "Certificate Validation Failed", then this would indicate that the client is unable to validate the device certificate on the PCS device.
To confirm the issue, review the pulsesvc.log from the following location:
Log Location: /home/<userprofile>/.pulse_secure/pulse/pulsesvc.log
The log will contain the following entries:
dsssl.warn ssl_init : Failed to load CA certificates (DSSSLSock.cpp:1515)
main.info Setting NCP certificate hash for DSSSL certificate verification (ncp.cpp:1934)
main.info Using DSSSL to connect to IVE (ncp.cpp:2023)
connect.info creating a new HTTP connection... (ncp_dsssl.cpp:187)
dsssl.error verify_server_cert_callback : Certificate Verification Failed :
error:self signed certificate depth:0 errorno:18 (DSSSLSock.cpp:1588)
dsssl.info log_cert_info : Subject : C = ??, ST = ??, L = ??, O = "ra,", OU = ??,
dsssl.error SSL_connect failed. Error 1 (DSSSLSock.cpp:1834)
connect.error dshttp connect to XX.XX.XXX.XXX failed with error 536875113 (ncp_dsssl.cpp:240)
main.error SSL connect failed. Error 536875113 (ncp.cpp:2026)