Cannot get certtool generated client certificate to work with AnyConnect client on iOS
David Frank
bitinn at gmail.com
Tue Oct 21 06:00:16 PDT 2014
>> - certtool --to-p12 --load-ca-certificate ca-cert.pem --load-privkey
>> >user-key.pem --load-certificate user-cert.pem --outfile user.p12
> The equivalent:
> MAC info:
> MAC: SHA1 (1.3.14.3.2.26)
>
> BAG #0
> Type: Encrypted
> Cipher: ARCFOUR-128
> Schema: PKCS12-ARCFOUR-SHA1 (1.2.840.113549.1.12.1.1)
>
> BAG #1
> Type: Encrypted
> Cipher: ARCFOUR-128
> Schema: PKCS12-ARCFOUR-SHA1 (1.2.840.113549.1.12.1.1)
>
> So I'd suggest to use --pkcs-cipher=3des-pkcs12 as algorithm. That will
> also be the default in certtool in 3.4.0.
Tried both 3des and aes, unforunately no good on iOS AnyConnect, same
vague error message.
More information about the openconnect-devel
mailing list