Solved: Re: Cisco AnyConnect::How to hide "Security Warning : Untrusted C - Page 2

ROHIT SHARMA · ‎10-17-2014

Whenever I connect to my ASA using Anyconnect client, attached warning message always appear and there is no option to Trust it or import certificate so that it should not appear next time.

Anyone please help to make the option visible to trust certificate or make this warning go away.

I tried Anyconnect 3.1.05152 and the latest also.

denis@cybecs.com · ‎11-11-2022

Hey Community,

I'm using the anyconnect agent for authentication and posture, I had to renew the certificates on my node and did that via exporting a CSR and signed him with our sub-CA.

Unfortunately, all endpoints in the company show a "Security warning: Untrusted server certificate", I used an FQDN for the CSR and it seems to be ok but still, endpoints are not trusted with the new certificates.

any recommendation?

Rob Ingram · ‎11-11-2022

denis@cybecs.com if you look closely at the error it states "certificate is not identified for this purpose" - this means you've used the wrong certificate template on your CA to sign the certificate, which doesn't have the correct key usages.

denis@cybecs.com · ‎11-11-2022

Thank you very much, Rob, can you guide me on which template I should use?

Rob Ingram · ‎11-12-2022

denis@cybecs.com not sure which CA you are using, but if Microsoft Certificate Authority - try the "Web Server" template, or another with Client/Server Authentication EKU (Extended Key Usage).

Cisco AnyConnect::How to hide "Security Warning : Untrusted Certificate"