08-15-2015 08:53 AM
When connecting to an ASA with self-signed cert, using Cisco AnyConnect Secure Mobility Client 3.1 (10010), the AnyConnect client presents the Big Red Box of Warning, which is good. The user would need to disable "Block Connections to Unknown Servers" in preferences in order to complete the connection.
Is there a way for the user to view the SHA1/SHA3 fingerprint of the self-signed cert, before disabling the security block? I could have sworn that older versions of the AnyConnect client allowed the user view the certificate details and fingerprint before choosing to Accept and connect.
Solved! Go to Solution.
08-15-2015 09:20 AM
You can't do that from AnyConnect 3.x or 4.x as far as I know. Even a Diagnostics and Reporting Tool (DART) bundle does not include that information.
It's easy enough to inspect though if you just browse to the ASA's interface from almost any browser. From there you can examine the site (ASA) certificate, including the RSA public key fingerprint.
08-15-2015 09:20 AM
You can't do that from AnyConnect 3.x or 4.x as far as I know. Even a Diagnostics and Reporting Tool (DART) bundle does not include that information.
It's easy enough to inspect though if you just browse to the ASA's interface from almost any browser. From there you can examine the site (ASA) certificate, including the RSA public key fingerprint.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide