Certificate Validation Failed

guacamoley
Beginner

Hi all,

I am testing AnyConnect Cert Auth w/ Machine Certs for eventual Management Tunnel implementation with AnyConnect 4.10.07 on FTD/FMC (7.2.4). I am running into the issue of "Certificate Validation Failed" when I attempt to connect. I can't figure out what is causing this. I have Cert Store Override enabled. I have tried running AC as administrator. I have validated that my profile When I attempt to sign in, my list of certs does pop up, but when I select the relevant one it just immediately goes to the Cert Validation Failed.

I have uploaded my internal root CA into "Trusted CA's" in the FMC and my identity Cert is trusted via a third party CA. The only thing I am wondering - do I need to enroll the internal root CA onto my FTD as well? That is the only culprit I can think of but can't test as I don't have access to the Private Key at the moment, only the .cert file. 

My debugs show absolutely nothing. DART Logs show these four messages:

- Certificate authenticate requested from gateway, no valid certs found in users cert store.

- CERTIFICATE_ERROR_PROVIDER_ERROR

- CryptAcquireCertificatePrivateKey - Keyset does not exist

- CryptAcquireCertificatePrivateKey - Access denied. 

Any help would be greatly appreciated!

Accepted Solutions

guacamoley
Beginner

SOLVED - I also needed to enroll my CA cert into the FTD of course
