cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
813
Views
0
Helpful
1
Replies

Code Signing certificates - AnyConnect Client

anand_rahul13
Level 1
Level 1

Hi All,

I came across this article where Microsoft is saying that they will not be supporting AnyConnect clients signed with SHA-1.

Cisco has recommended to upgrade to AnyConnect release 3.1.13015, the future version of AnyConnect 4.2 MR, or AnyConnect 4.3+ releases in order to keep their AnyConnect functional on Windows platforms after January 1, 2017  .

"Microsoft No Longer Supporting SHA-1—A secure gateway with a SHA-1 certificate or a certificate with SHA-1 intermediate certificates is considered valid by a Windows endpoint until January 2017.

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html

My question is that we are using AnyConnect Client version - anyconnect-win-3.1.14018-k9, as this is the latest versiuon available on Cisco.com site.

Is this AnyConnect Client is Code signed by SHA-2 or SHA-1?

Does this client is going to have issue after Jan1, 2017?

Thanks in advance.

1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

Hi anand_rahul13,

As per the documentation the latest AnyConnect version should not have any issue after Jan1 2017:

Cisco has recommended to upgrade to AnyConnect release 3.1.13015, the future version of AnyConnect 4.2 MR, or AnyConnect 4.3+ releases in order to keep their AnyConnect functional on Windows platforms after January 1, 2017 

There is already an EOL and EOS:

http://www.cisco.com/c/en/us/products/collateral/security/anyconnect-secure-mobility-client/eos-eol-notice-c51-734084.html

Which does not means is going to be end of support so you should be able to stay on AnyConnect 3.1.14018 without any problem.

Hope this info helps!!

Rate if helps you!! 

-JP-