Solved: Certificate needed on ASA 5510 for Cisco Secure Desktop ?

dnivelle · ‎01-05-2009

I use Cisco Anyconnect "anyconnect-win-2.3.0185-k9" and ASA 8.0.4. I just want to use CSD for prelogin and check a registry key of the PC desktop .

It works fine but i have always in ASA log this message :

"Certificate validation failed. No suitable trustpoints found to validate certificate serial number: xxxxxxxxxxxxx, subject name: cn=CiscoSecureDesktop.

Jan 05 2009 15:00:50: %ASA-3-717027: Certificate chain failed validation. No suitable trustpoint was found to validate chain."

Do i need to install a certificate on ASA just to use the CSD module ? Or what is the mean to avoid this log message and avoid to use a CSD certificate ?

Thanks for your help.

David.

mulatif · ‎01-05-2009

Hi David,

The issue is more cosmetic and does not affect any functionality.

You can view the bug "CSCsr07594", which describes the issue and workaround in detail.

Thanks,

Naman

View solution in original post

mulatif · ‎01-05-2009

Hi David,

The issue is more cosmetic and does not affect any functionality.

You can view the bug "CSCsr07594", which describes the issue and workaround in detail.

Thanks,

Naman

dnivelle · ‎01-05-2009

Hi Naman,

Thanks for your response and your help. I need certificate, so i will let the configuration in this current state.

David.

skhan · ‎05-07-2009

Hi David,

Would it be possible to send me a sample config. I am trying to get the certs working with anyconnect and keep on getting "certificate validation failure" and at times got similar error as yours, but could not get it working. I am working with a MS CA and require Machine Authentication