Certificate Auth Error on iOS ( AnyConnect )

Rankjie rankjie at gmail.com
Sun Mar 23 05:36:00 EDT 2014


Well, after set the cisco-client-compat to true, it’s working now.
BTW, how can I use certificate or password auth but not require both?


On Mar 23, 2014, at 17:15, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:

> On Sun, 2014-03-23 at 11:43 +0800, Rankjie wrote:
>> Hi,
>> 
>> I use the same user-certificate on my Mac ( client is openconnect ) and my iPhone ( client is anyconnect )
>> Things were fine on my Mac, but on the iOS, the connection could not be established.
>> 
>> Here is my ocserv.conf: https://gist.github.com/rankjie/bb7c7e4bfe86d323abb6
>> Server’s log when connect to it on iOS: https://gist.github.com/rankjie/8618400ba3a2075457b0
>> From the log of ocserv, I can see “user 'CN=user1' of group '[unknown]' authenticated”
>> but eventually failed with “GnuTLS error (at worker-vpn.c:691): No certificate was found.”
>> The same certificate was all right on my mac with openconnect. So this
> might be a compatibility issue? 
> 
> Hello,
> You need to set cisco-client-compat to true and possibly the profile
> file, for cisco clients to be able to connect.
> 
> regards,
> Nikos
> 
> 




More information about the openconnect-devel mailing list