cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
12280
Views
0
Helpful
1
Replies

AnyConnect 3.1 - removing Security Warning: Untrusted VPN Server Certificate!

Hi guys,

Is there a way to disable the warning generated from using self signed certs?

I would like to make the process as seamless as possible.

AnyConnect 3.1

ASA 8.4(2)

Thanks.

1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

We had problem with the above error message with our certificate when we moved to AnyConnect 3.1

We were instructed to request a new one

Also here is the link to Cisco site we were provided that explains the changes in 3.1

IPSec and SSL connections require server  certificates to contain Key Usage attributes of Digital Signature and  Key Encipherment, as well as an Enhanced Key Usage attribute of Server  Authentication or IKE Intermediate. Note that IPSec server certificates  not containing a Key Usage are considered invalid for all Key Usages,  and similarly an IPSec server certificate not containing an Enhanced Key  Usage is considered invalid for all Enhanced Key Usages. 

Link to document

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#wp1049936

Sadly I dont dable with certificates myself so I'm not really familiar with this.

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: