Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
David Raison
david at tentwentyfour.lu
Fri Sep 22 05:39:10 PDT 2017
Hi Nikos,
On 22/09/17 02:38, Nikos Mavrogiannopoulos wrote:
> Without using debugging tools you most likely never find the culprit. From you previous logs, the client fails at signing with rsa-sha512. A long shot may be that there is a buffer overflow somewhere due to sha512. Have you tried eliminating this signing algorithm from server (or client)?
Unfortunately I don't control the server (or I wouldn't be using
AnyConnect :P) but maybe Noël or I can try disabling RSA-SHA512 on the
client side and see if that changes anything.
Regards,
David
--
TenTwentyFour S.à r.l.
W: www.tentwentyfour.lu
T: +352 20 211 1024
F: +352 20 211 1023
3 Avenue du Blues
4368 Belvaux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170922/e058673d/attachment.sig>
More information about the openconnect-devel
mailing list