cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10187
Views
5
Helpful
1
Replies
Highlighted
Beginner

Certificate does not match the servername

I have a problem with latest Anyconnect Mobile clients, on any device(iPhone,PC..) I have this error message.

Anyconnect cannot verify the VPN server : testgate.xxx.ru

Certificate does not match the server name

Certificate is from an untrusted source

Here what I have:

Cisco ASA5505(as Anyconnect termination point) with third-party certificate installed:

Major fields in this certificate:

CN=testgate.xxx.ru

KU=DigitalSignature,KeyEncipherment

EKU=serverAuth

this url says about this

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#wp1049936

In Public DNS servers I have all records in forward and reverse dns zones about my name

testgate.xxx.ru <-> 193.xx.xx.70

On ASA Anyconnect profile(xml) I have ONLY(no IP) name of my server testgate.xxx.ru.

All certificates(rootCA,userCER) - installed on client side, all of them are trusted

Why it happens?

thx

1 REPLY 1
Highlighted
Contributor

Are the certificates installed in local computer storage? (Start - Execute - mmc - add snapin - certificates - local computer)

Should definitely work with PC

Michael Please rate all helpful posts