Certificate Auth Error on iOS ( AnyConnect )
Rankjie
rankjie at gmail.com
Sun Mar 23 05:36:00 EDT 2014
Well, after set the cisco-client-compat to true, it’s working now.
BTW, how can I use certificate or password auth but not require both?
On Mar 23, 2014, at 17:15, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Sun, 2014-03-23 at 11:43 +0800, Rankjie wrote:
>> Hi,
>>
>> I use the same user-certificate on my Mac ( client is openconnect ) and my iPhone ( client is anyconnect )
>> Things were fine on my Mac, but on the iOS, the connection could not be established.
>>
>> Here is my ocserv.conf: https://gist.github.com/rankjie/bb7c7e4bfe86d323abb6
>> Server’s log when connect to it on iOS: https://gist.github.com/rankjie/8618400ba3a2075457b0
>> From the log of ocserv, I can see “user 'CN=user1' of group '[unknown]' authenticated”
>> but eventually failed with “GnuTLS error (at worker-vpn.c:691): No certificate was found.”
>> The same certificate was all right on my mac with openconnect. So this
> might be a compatibility issue?
>
> Hello,
> You need to set cisco-client-compat to true and possibly the profile
> file, for cisco clients to be able to connect.
>
> regards,
> Nikos
>
>
More information about the openconnect-devel
mailing list