AnyConnect Secure Mobility Client (ACSMC) failed to connect to ocserv with certificate
David Woodhouse
dwmw2 at infradead.org
Fri Jan 9 05:00:35 PST 2015
On Fri, 2015-01-09 at 20:54 +0800, tefeng wrote:
>
> It seemed that ACSMC on win7 didn't recognize the certificate (imported
> via 'mmc' command, the same way for strongSwan certificate which works OK).
>
> Any recommendations would be really appreciated. Thanks in adv.
Were you looking for recommendations other than using OpenConnect on
Windows? https://github.com/openconnect/openconnect-gui/wiki
How does the Cisco client know which certificate to use? In the profile
there is a <CertificateMatch> node which looks something like this:
<CertificateMatch>
<KeyUsage>
<MatchKey>Digital_Signature</MatchKey>
</KeyUsage>
<ExtendedKeyUsage>
<ExtendedMatchKey>ClientAuth</ExtendedMatchKey>
<CustomExtendedMatchKey>1.2.840.113741.1.5.1.101.1.5</CustomExtendedMatchKey>
</ExtendedKeyUsage>
</CertificateMatch>
Do you have something similar in your profile, and does the certificate
you've imported match the criteria?
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150109/68ad2b6d/attachment.bin>
More information about the openconnect-devel
mailing list