Pulse Secure vpn not working due to certificate verification bug
Users of the Pulse Secure VPN cannot log in worldwide because a digital certificate has expired. According to Pulse Secure, this is a bug. It is not known how many users are affected by it.
Pulse Secure notifies users in a bulletin and says it is working on a solution. The issue affects users logging in from Windows computers through the browser with Pulse Secure versions 9.1R8.x, 9.1R9.x, 9.1R10.x, and 9.1R11.x. Users logging in via the desktop client and Linux and macOS users are not affected by the outage. Also users of the Pulse Policy Secure and Pulse Connect Secure client for system administrators do not work properly. The problems started at 10 p.m. on Sunday.
The problem, according to Pulse Secure, is in verifying a certificate on the part of the company. According to Pulse Secure, this is due to a bug in the code. “The verification fails because it checks the certificate expiration time instead of the timestamp of the code signing,” the company wrote. As a result, the operating system will not accept the certificates and users will see that the software cannot connect to the server.
Pulse Secure recommends that users of the VPN use the desktop client for the time being. The company is working on a solution. It will be available later on Tuesday afternoon for the most recent version and “end of the day” US time for the other versions.