On Thu, 2012-07-12 at 16:09 -0400, Mcclelland, Michael B wrote: > Just a quick update on my progress. The patch did fix my issue > presenting the certificate to the server; thanks again. I'm now to > find out why the ASA rejects my certificate when I connect with > Openclient. My first thought would be that the server doesn't have the full trust chain back to its root. You can use tcpdump to capture the exchange between you and the server: tcpdump -i eth0 -s 1500 host $VPNSERVER -w filename.cap Replace 'eth0' with the name of the interface you're using for your Internet connection. Perhaps it's 'wlan0' if you're on wireless. If you send me (in private) the capture files which show OpenConnect and the Cisco client connecting, we can compare the two. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120712/81704dbf/attachment.bin>
