SSL Certificate verification bug

Marina Papoutsi marina.cogsci at gmail.com
Thu Aug 22 13:53:03 EDT 2013


Hi Kevin,

thanks for being so helpful.

Getting my administrator to even reply about this issue would be a start 
... so  I'm not so sure about convincing them to disable CSD :-(


The anyconnect client doesn't work either. It gives the exact same 
error, but apparently it's only a problem for 64-bit versions, 32-bit 
works fine.
Other people on the web have reported something similar, but noone has 
suggested any solutions.
I'm thinking that some libraries might be in a different place ...

Many thanks again,
Marina







On 22/08/13 17:43, Kevin Cernekee wrote:
> On Thu, Aug 22, 2013 at 6:52 AM, Marina Papoutsi
> <marina.cogsci at gmail.com> wrote:
>> Attempting to connect to 128.40.125.50:443
>> SSL negotiation with vpn.ucl.ac.uk
>> Connected to HTTPS on vpn.ucl.ac.uk
>> GET https://vpn.ucl.ac.uk/
>>
>> Got HTTP response: HTTP/1.0 302 Object Moved
>> SSL negotiation with vpn.ucl.ac.uk
>> Connected to HTTPS on vpn.ucl.ac.uk
>> GET https://vpn.ucl.ac.uk/+webvpn+/index.html
>> GET https://vpn.ucl.ac.uk/CACHE/sdesktop/install/binaries/sfinst
>> Got HTTP response: HTTP/1.1 404 Not Found (does not exist)
>> Cannot receive HTTP 1.0 body without closing connection
>> Failed to obtain WebVPN cookie
> This is different from the certificate validation redirect problem
> (which shouldn't affect v4.07).
>
> It looks like the gateway requires CSD, but didn't install the Linux
> CSD binaries.  If you can convince the administrator to disable CSD,
> that would be the ideal solution.  If not, you may have to write a CSD
> wrapper script to post the correct "answer" to the server.
>
> Does the official Linux AnyConnect client work correctly or does that fail too?




More information about the openconnect-devel mailing list