Cisco AnyConnect mobile not handling certificates correctly

Adam Hudson · ‎11-01-2012

I have an SSL VPN set up on my ASA 5520 with a self signed cert. When I run the AnyConnect install on my desktop machine I have click through a few windows to accept the certificate. When I connect through the mobile client on Android, the connection goes right through without a prompt to import/choose/download a certificate. I'm able to connect but I'm wondering if the phone has actually recieved a certificate. I'm in the 'Advanced Connection Editor' screen and the certificate setting says "Automatic".

How can I tell if I'm actually using a certificate on the device?

Thanks in advance.

Adam Hudson · ‎11-06-2012

Going through my phone it doesn't look like the cert is actually stored in the phone. A co-worker advised me that the Anyconnect software actually authenticates against the host name. If this is true, is the cert used at all?

Thanks for any help in advance.

Adam Hudson · ‎11-06-2012

After not trying to connect for a week, I try to connect on the Android and get the "certifcate does not match the server name. is from an untrusted source, is not identified for this purpose"

Ultimately it comes down to this, if I'm not planning on buying a legit SSL certificate anytime soon, is there any reason to use a self-signed cert from the ASA itself on the ASA? If so, how do I show that the cert is trusted and skip over these warnings?