cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
291
Views
0
Helpful
1
Replies

view SHA fingerprint of self-signed cert on ASA webvpn client?

When connecting to an ASA with self-signed cert, using Cisco AnyConnect Secure Mobility Client 3.1 (10010), the AnyConnect client presents the Big Red Box of Warning, which is good.  The user would need to disable "Block Connections to Unknown Servers" in preferences in order to complete the connection.

Is there a way for the user to view the SHA1/SHA3 fingerprint of the self-signed cert, before disabling the security block?  I could have sworn that older versions of the AnyConnect client allowed the user view the certificate details and fingerprint before choosing to Accept and connect.

 

1 ACCEPTED SOLUTION

Accepted Solutions
Marvin Rhoads
Hall of Fame Guru

You can't do that from AnyConnect 3.x or 4.x as far as I know. Even a Diagnostics and Reporting Tool (DART) bundle does not include that information.

It's easy enough to inspect though if you just browse to the ASA's interface from almost any browser. From there you can examine the site (ASA) certificate, including the RSA public key fingerprint.

View solution in original post

1 REPLY 1
Marvin Rhoads
Hall of Fame Guru

You can't do that from AnyConnect 3.x or 4.x as far as I know. Even a Diagnostics and Reporting Tool (DART) bundle does not include that information.

It's easy enough to inspect though if you just browse to the ASA's interface from almost any browser. From there you can examine the site (ASA) certificate, including the RSA public key fingerprint.

View solution in original post

Content for Community-Ad