
Cisco AnyConnect on Macbook, Certificate based authentication gives error.

AbdulNafey
Level 1

Hello,

 

I have an issue where I have installed the certificates and key as below:

1. /cisco/certificates/client/mycert.pem

2. /cisco/certificate/private/mycert.key

3. /cisco/certificate/ca/myrootca.pem 

 

I've run a DART and can see a certificate validation failure error message.

 

</acguiNotice>

<acguiNotice module="com.cisco.anyconnect.presentation.vpn" type="update" timestamp="Thu Oct 11 11:36:53 2018">

<label id="simple_status" value="No valid certificates available for authentication." tooltip="No valid certificates available for authentication."/>

<log messagehistory="No valid certificates available for authentication."/>

</acguiNotice>

<acguiNotice module="com.cisco.anyconnect.presentation.vpn" type="popup">

<popup timestamp="Thu Oct 11 11:36:53 2018" id="error_popup" type="error">

<title value="Cisco AnyConnect"/>

<text value="Certificate Validation Failure"/>

</popup>

</acguiNotice>

 

My .xml file is like below for certificates:

 

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
<ClientInitialization>
<UseStartBeforeLogon UserControllable="true">false</UseStartBeforeLogon>
<AutomaticCertSelection UserControllable="false">true</AutomaticCertSelection>
<ShowPreConnectMessage>false</ShowPreConnectMessage>
<CertificateStore>Machine</CertificateStore>
<CertificateStoreMac>All</CertificateStoreMac>
<CertificateStoreOverride>

 

Is there something I'm missing here?

 

Regards,

Abdul

1 Reply

Alex Pfeil
Level 7

I am automatically enrolling the certificate onto the Mac. I get the exact same error. Have you resolved the problem? The Mac I am working with is running 10.14.5. It must be a client certificate issue. I am just not sure how to import the certificate and make the Cisco AnyConnect client use it.
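
Added example, not part of either post and not Cisco code: a Python check of the PEM file store that AnyConnect reads on macOS, for comparison with the three paths listed in the question. The layout it tests (`~/.cisco/certificates/ca`, `client` and `client/private`, with `.pem` and `.key` files sharing a base name) is an assumption based on Cisco's AnyConnect administrator guide rather than anything stated in this thread, and `check_pem_store` is a hypothetical helper name.

```python
import stat
from pathlib import Path


def check_pem_store(root):
    """Return a list of findings for a PEM file store rooted at `root`.

    Assumed layout (not stated on this page): root/ca/*.pem,
    root/client/*.pem and root/client/private/*.key, where a client
    certificate and its private key share the same base name.
    """
    root = Path(root).expanduser()
    client, private, ca = root / "client", root / "client" / "private", root / "ca"
    findings = []
    for d in (client, private, ca):
        if not d.is_dir():
            findings.append(f"missing directory: {d}")
    certs = sorted(client.glob("*.pem")) if client.is_dir() else []
    if client.is_dir() and not certs:
        findings.append(f"no *.pem client certificate in {client}")
    for cert in certs:
        if b"-----BEGIN CERTIFICATE-----" not in cert.read_bytes():
            findings.append(f"not PEM encoded: {cert}")
        key = private / (cert.stem + ".key")  # mycert.pem -> private/mycert.key
        if not key.is_file():
            findings.append(f"no matching private key: {key}")
            continue
        # Matches PKCS#8, RSA, EC and encrypted PEM key headers alike.
        if b"PRIVATE KEY-----" not in key.read_bytes():
            findings.append(f"not a PEM private key: {key}")
        # A key readable by group or other is a finding in its own right.
        if stat.S_IMODE(key.stat().st_mode) & 0o077:
            findings.append(f"private key readable by group/other: {key}")
    if ca.is_dir() and not list(ca.glob("*.pem")):
        findings.append(f"no *.pem CA certificate in {ca}")
    return findings


if __name__ == "__main__":
    # Assumed default store location for the logged-in user.
    for line in check_pem_store("~/.cisco/certificates") or ["layout looks consistent"]:
        print(line)
```

An empty result only means the files are where the client is assumed to look; it does not check that the key matches the certificate or that the certificate chains to the CA.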