The latest published VIA User Guide (2.0) indicates that using X.509 certificates for Phase 0 authentication requires the certificate to be in the "user" certificate store. The release notes of VIA 2.0.1+ indicate the support for machine certificates. I've noticed that when connecting VIA to a controller looking for certificate authentication (IKEv1-Certs), machine certificates are also available for selection which seems consistent with the newer release notes.
Question:
Is it possible through the VIA profile or VIA client to force the selection of only machine certs (or even only user certs if a customer wanted).....and not both?
