Certificate auth issue in 0.2.2
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Dec 7 14:45:12 EST 2013
On Sun, 2013-12-08 at 01:59 +0800, Karl wrote:
> Hi,
>
> In my config, it has:
>
> auth = "certificate" auth = "plain[/opt/ocserv/passwd]"
>
> but AnyConnect client failed to connect, debug log shows:
>
> "No certificate was found."
>
> add "always-require-cert=false", it goes further, but still has error
> like:
>
> "error verifying client certificate." Did I miss something or buggy in
> 0.2.2?
You'll need to set the authority that signed the client certificate
with the ca-cert option. Otherwise ocserv doesn't know how which
certificates are valid.
regards,
Nikos
More information about the openconnect-devel
mailing list