AnyConnect + Network Access Manager (NAM) + Certificate

Patrick Tran · ‎06-06-2011

Hello,

I want to use Network Access Manager with Anyconnect.

I configured a WiFi network with EAP-TLS authentication.

The certificate used for EAP-TLS has the following EKU:

- clientAuth (1.3.6.1.5.5.7.3.2)

- emailProtection (1.3.6.1.5.5.7.3.4)

- msSmartcardLogin (1.3.6.1.4.1.311.20.2.2)

It works with Microsoft Wireless Zero Configuration.

With NAM, I have this error "No valid certificates available. Please insert a smart card or install a valid certificate"

If I remove msSmartcardLogin EKU, it works with NAM.

I can't remove this EKU because Smart card logon is used.

Why msSmartcardLogin EKU generates this error?

How can I resolve it?

Thanks a lot for your support.

Patrick

Herbert Baerten · ‎06-07-2011

Hi Patrick,

for NAM related issues I think you will get better response if you ask this in the forum.

good luck,

Herbert

Patrick Tran · ‎06-07-2011

Hi Herbert,

thanks for your advice, I didn't know the best forum for my question

Patrick

jwzhao · ‎10-12-2011

Hi,

I am having the same issue, but have noticed that every now and then the NAM will fail to detect the certificate 3 times then suddently in the NAM event log there will be a message that saying "“Enumerating certificate store 'user personal'.” and it would retrieve the local certificate for authentication.

Has anyone else experienced this problem? and knows the fix?

Regards,

JZ

anyconnect fails to detect the local certificate store about 3 time before “Enumerating certificate store 'user personal'.” And retrieves the local user certificate for authentication.