cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

3073
Views
0
Helpful
3
Replies
wileong
Cisco Employee

AnyConnect Posture Certificate error

Hi,

IHAC with 3 PSNs and running posturing. Everytime AnyConnect compliance module kicks in, there is a certificate error pop-up. I have verified all certificate - CA and PSNs certificate are in Windows 8.1 Trusted Certificate Store.

What could be the cost of this issue? We do not have any issue when posturing being turned off.

Thanks

Wing Churn

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Paul,

This has been fixed by regenerating new certificate. Apparently AnyConnect does not like our certificate with an IP Address in SAN.

Removing the IP Address in SAN with just FQDN it works fine.

Regards,

Wing Churn

View solution in original post

3 REPLIES 3
pcarco
Cisco Employee

Hello,  Is this problem isolated to a single machine or wide spread across many users ?   Can you please reply with a screenshot and also run the DART on the AnyConnect client and email it to me directly   pcarco@cisco.com and i will take a look.

Also.  just looking internally at past similar issues - any chance you have upper case letters in the CN of the certificate ?

Best regards,

Paul

AC TME

Hi Paul,

This has been fixed by regenerating new certificate. Apparently AnyConnect does not like our certificate with an IP Address in SAN.

Removing the IP Address in SAN with just FQDN it works fine.

Regards,

Wing Churn

View solution in original post

Great to hear it is solved.

Best regards,

Paul

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel