Security News > 2021 > April > Pulse Secure VPN users can't login due to expired certificate
Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired.
As employees return from the weekend, network admins have been reporting [1, 2, 3, 4] that users cannot connect to Pulse Secure VPN devices and access internal company resources.
"As of today, staff are no longer accessing our system from home. Normally, they log on to Pulse Secure via the web interface and then select their PC, which is then forwarded via the terminal server service," a customer reported on the Pulse Secure forums.
This issue affects users globally and is caused by an expired code-signing certificate and a bug in the Pulse Secure software that is not properly verifying that executables are signed.
As the code-signing certificate used to sign the file has expired today, the bug prevents the software from operating correctly, and users are unable to login to VPN devices.
Update 4/15/21: Updates have been released for the Pulse Connect Secure software that resolves this issue and allows users to login.