On Sun, 2013-12-08 at 01:59 +0800, Karl wrote: > Hi, > > In my config, it has: > > auth = "certificate" auth = "plain[/opt/ocserv/passwd]" > > but AnyConnect client failed to connect, debug log shows: > > "No certificate was found." > > add "always-require-cert=false", it goes further, but still has error > like: > > "error verifying client certificate." Did I miss something or buggy in > 0.2.2? You'll need to set the authority that signed the client certificate with the ca-cert option. Otherwise ocserv doesn't know how which certificates are valid. regards, Nikos
