I have SSO from JumpCloud set up successfully with my AWS WorkSpaces directory. When you go through the IdP's User Portal and click the AWS link it brings up our WorkSpaces client and correctly feeds the username and Registration code. After that you can log in by putting in your password.
I also attempted to set up Certificate Based Authentication. I set up AWS Private CA, created a CRL in S3, and added the Root certs to Active Directory Certificate Services. I was even able to verify that the certs are being propagated to the WorkSpaces' cert stores.
The problem I'm running into is that when I turn Cert Based Authentication ON for the directory, there is no change in behavior. It's appearing like it's not even trying to use passwordless login. The WorkSpaces client opens and has the username and Registration code prefilled, but asks for a password just like if SSO was the only thing turned on.
Can anyone provide any clues as to how to troubleshoot this. I've been back through the documentation a few times and everything appears to be set up correctly. Of course I know that something is wrong, but I'm not even sure what COULD be wrong to cause this.
Thanks in advance.
AWS OFFICIALUpdated 10 months ago
