cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
465
Views
0
Helpful
5
Replies
Highlighted
Beginner

AnyConnect certificate

I have installed an SSL cert from Symantec for my AnyConnect configuration.  And everything seemed to be working fine however after logging into our anyconnect portal I am receiving an error during the Java applet launch saying "The web site's certificate cannot be verified.  Do you want to continue?"  Even though, from what I see, the site is verfied and encrypted...

Is there something I'm missing?   ... let me know what information you need to troubleshoot.

5 REPLIES 5
Highlighted
Cisco Employee

Andrew,

You need to apply the certifiacte on outside interface where you ahev enabled webvpn

Here is what you have to do

ASDM

Step 5. Configure WebVPN to Use the Newly Installed Certificate

ASDM Procedure

  1. Click Configuration, and then click Device           Management.

  2. Expand Advanced, and then expand SSL           Settings.

  3. Under Certificates, select the interface that is used to terminate           WebVPN sessions.

    In this example, the outside interface is used.

  4. Click Edit.

  5. In the Certificate drop-down list, choose the certificate installed           in Step 4.

  6. Click OK.

  7. Click Apply.

    Your new certificate should now be utilized for all WebVPN sessions           that terminate on the interface specified.

  8. See the Verify section in order to           confirm that the installation process was successful.

You also need to make sure that you complete the certifiacte chain in ASA as well.

Kindly let me know if that helps.

Regards,

Varinder

P.S. Please mark this post as 'Answered' if you find the above information helpful so that it brings goodness to other community users

Regards, Varinder P.S. Please mark this post as 'Answered' if you find the above information helpful so that it brings goodness to other community users
Highlighted

Thanks for the reply,

It is already applied to the outside interface there.

Highlighted
Beginner

Note*

This error does not show in Internet Explorer.

Highlighted

Can you send the output of following comamnd:

Sh run all ssl

Regards,

Varinder

Regards, Varinder P.S. Please mark this post as 'Answered' if you find the above information helpful so that it brings goodness to other community users
Highlighted

Here is the output:

ssl server-version any

ssl client-version any

ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1

ssl trust-point ASDM_TrustPoint1 outside

Content for Community-Ad