openconnect with p7b client certificate
Mikołaj Stefaniak
nick at surreal.pl
Thu Sep 22 08:01:38 PDT 2016
W dniu 2016-09-22 16:53, David Woodhouse napisał(a):
> On Thu, 2016-09-22 at 16:47 +0200, Mikołaj Stefaniak wrote:
>>
>>
>> Yeach and that is the whole mystery. I got PKCS#7 certificate file
>> from
>> my IT department - obviously there is no key inside. Despite that I
>> could import this certificate to windows certmgr and Windows
>> Anyconnect
>> is using it as client certificate in TLS handshake (I inspected this
>> with Wireshark). It is possible to use this certificate in Firefox
>> even!
>> (when accessing https vpn site)
>
> Can you *export* it from Firefox? Or use JailBreak to export it from
> your Windows certificate store?
Well Firefox/Chrome cert export opens Windows certmgr and private key is
marked as non exportable there (still I wonder what kind of key is
there...). I would go with jailbrake or mimikatz but f*!*@* McAfee is
blocking them as "Possibly Unwanted Programs" so I have to find some way
to disable this sh#!t :-(
More information about the openconnect-devel
mailing list