Does OpenConnect handle SCEP?
David Woodhouse
dwmw2 at infradead.org
Sun Apr 28 04:24:01 PDT 2024
On Sat, 2024-04-27 at 22:56 -0400, marcuac at gmail.com wrote:
>
> I've been looking online for an alternative to Cisco AnyConnect client
> (which I haven't been able to get working on Linux) and I saw people
> recommending OpenConnect. My workplace VPN is configured to do
> certificate enrollment when connecting for the very first time, which
> I believe is done through SCEP (simple certificate enrollment
> protocol). I've installed and tried NetworkManager-openconnect but it
> doesn't seem to do this initial certificate enrollment. Does
> OpenConnect implement SCEP?
It doesn't. And unless it's integrated with the protocol to the point
where it *absolutely* necessary, I think I'd prefer it to remain that
way — at least for OpenConnect *itself*.
But if this is a setup that people need to use, we should definitely
work out how to integrate it with an existing SCEP client.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5965 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20240428/88c9249c/attachment.p7s>
More information about the openconnect-devel
mailing list