11-29-2023 04:12 PM
Hi all,
I am testing AnyConnect Cert Auth w/ Machine Certs for eventual Management Tunnel implementation with AnyConnect 4.10.07 on FTD/FMC (7.2.4). I am running into the issue of "Certificate Validation Failed" when I attempt to connect. I can't figure out what is causing this. I have Cert Store Override enabled. I have tried running AC as administrator. I have validated that my profile When I attempt to sign in, my list of certs does pop up, but when I select the relevant one it just immediately goes to the Cert Validation Failed.
I have uploaded my internal root CA into "Trusted CA's" in the FMC and my identity Cert is trusted via a third party CA. The only thing I am wondering - do I need to enroll the internal root CA onto my FTD as well? That is the only culprit I can think of but can't test as I don't have access to the Private Key at the moment, only the .cert file.
My debugs show absolutely nothing. DART Logs show these four messages:
- Certificate authenticate requested from gateway, no valid certs found in users cert store.
- CERTIFICATE_ERROR_PROVIDER_ERROR
- CryptAcquireCertificatePrivateKey - Keyset does not exist
- CryptAcquireCertificatePrivateKey - Access denied.
Any help would be greatly appreciated!
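The two DART messages quoted above (Keyset does not exist / Access denied on CryptAcquireCertificatePrivateKey) point at the client-side private key and trust chain rather than at the FTD, so a quick check on the Windows endpoint is worth doing before touching the headend. The script below is an added diagnostic, not code from the thread or from Cisco: it lists machine-store certificates, tries to build their chain and open their private key, and flags the Client Authentication EKU. It assumes it is run in an elevated PowerShell on the AnyConnect client; the optional $IssuerFilter parameter is an assumption for narrowing the output to one CA.

```powershell
# Added diagnostic (not from the original thread): for each certificate in the
# machine personal store, report whether its chain builds to a trusted CA and
# whether its private key can be opened. A failed key open here reproduces the
# "Keyset does not exist" / "Access denied" conditions seen in the DART logs.
param(
    # Assumption: optional substring of the issuing CA name to filter on.
    [string]$IssuerFilter = ''
)

$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU

$certs = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Issuer -like "*$IssuerFilter*" }

foreach ($cert in $certs) {
    $row = [ordered]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey
        ClientAuthEKU = $false
        ChainOK       = $false
        ChainStatus   = ''
        KeyOpened     = $false
        KeyError      = ''
    }

    # EKU check: a machine cert used for AnyConnect needs Client Authentication.
    $eku = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
    if ($eku) {
        $row.ClientAuthEKU = [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $ClientAuthOid })
    }

    # Chain build: failure usually means the issuing/root CA is missing from
    # LocalMachine\Root or LocalMachine\CA. Revocation is skipped to isolate trust.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    $row.ChainOK = $chain.Build($cert)
    $row.ChainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','

    # Private key open: exercises the same provider path as CryptAcquireCertificatePrivateKey.
    try {
        $key = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
        if ($null -ne $key) { $row.KeyOpened = $true; $key.Dispose() }
    } catch {
        $row.KeyError = $_.Exception.Message
    }

    [pscustomobject]$row
}
```

Run it once from an elevated prompt and once as the SYSTEM account (the vpnagent service context) if the results differ, since a key container readable by an administrator but not by SYSTEM produces exactly the "Access denied" line in DART.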
11-30-2023 09:06 AM
SOLVED - I also needed to enroll my CA cert into the FTD of course