11-03-2019 12:39 PM
How do AnyConnect certificates work? What I am trying to do is stop users from having to click the "Connect anyway" button on the certificate warning screen. I cant seem to find where they are stored locally or inside of ASDM
Solved! Go to Solution.
11-03-2019 07:28 PM
AnyConnect uses the identity certificate of the ASA. If the certificate FQDN or Subject Alternative Name (SAN) doesn't match the URL you've given your users then they will get the mismatch and be required to manually accept that discrepancy ("Connect anyway").
In ASDM it shows up under Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Connection Profiles, Device Certificate button. The available certificate(s) are listed under Configuration > Device Management > Certificate Management > Identity Certificates.
In the cli there is a "ssl trust-point <TrustPoint Name> <Interface name>" command that binds a given certificate Trustpoint to the interface where the clients connect. That equates to the first section above. The second section would be under "crypto ca certificate ..." commands.
11-03-2019 07:28 PM
AnyConnect uses the identity certificate of the ASA. If the certificate FQDN or Subject Alternative Name (SAN) doesn't match the URL you've given your users then they will get the mismatch and be required to manually accept that discrepancy ("Connect anyway").
In ASDM it shows up under Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Connection Profiles, Device Certificate button. The available certificate(s) are listed under Configuration > Device Management > Certificate Management > Identity Certificates.
In the cli there is a "ssl trust-point <TrustPoint Name> <Interface name>" command that binds a given certificate Trustpoint to the interface where the clients connect. That equates to the first section above. The second section would be under "crypto ca certificate ..." commands.
11-12-2019 06:25 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide