Yesterday I have upgraded a Cisco ASA 5525 Cluster from 9.12(3)12 to 9.14(1).
After the upgrade I was not able to connect via Cisco AnyConnect anymore.
Because of no time, I did not have enough time to troubleshoot.
Debug logs for the keyword "ssl" gave me the following output:
SSL server inside:10.29.1.4/33528 to 10.29.7.11/636 chooses cipher ECDHE-RSA-AES256-SHA384
and next line:
SSL lib error. Function: ssl3_get_server_certificate Reason: certificate verify failed
10.29.1.4 is our ASA, 10.29.7.11 is our domain controller, where the authenication is forwarded to.
Does anybody know something about this or can give me an advice how to solve it?