SSL Certificate verification bug

Kevin Cernekee cernekee at gmail.com
Thu Aug 22 13:43:09 EDT 2013


On Thu, Aug 22, 2013 at 6:52 AM, Marina Papoutsi
<marina.cogsci at gmail.com> wrote:
> Attempting to connect to 128.40.125.50:443
> SSL negotiation with vpn.ucl.ac.uk
> Connected to HTTPS on vpn.ucl.ac.uk
> GET https://vpn.ucl.ac.uk/
>
> Got HTTP response: HTTP/1.0 302 Object Moved
> SSL negotiation with vpn.ucl.ac.uk
> Connected to HTTPS on vpn.ucl.ac.uk
> GET https://vpn.ucl.ac.uk/+webvpn+/index.html
> GET https://vpn.ucl.ac.uk/CACHE/sdesktop/install/binaries/sfinst
> Got HTTP response: HTTP/1.1 404 Not Found (does not exist)
> Cannot receive HTTP 1.0 body without closing connection
> Failed to obtain WebVPN cookie

This is different from the certificate validation redirect problem
(which shouldn't affect v4.07).

It looks like the gateway requires CSD, but didn't install the Linux
CSD binaries.  If you can convince the administrator to disable CSD,
that would be the ideal solution.  If not, you may have to write a CSD
wrapper script to post the correct "answer" to the server.

Does the official Linux AnyConnect client work correctly or does that fail too?



More information about the openconnect-devel mailing list