On Tue, 2013-11-05 at 11:20 +0100, Christof Haerens wrote: > > I try to connect to cisco with openconnect and my Belgian EID card. My > access is ok and no user/pw is needed. This is verified with my card > and using the anyconnect on windows. Hm, that really looks like it *ought* to be working. The only thing I can think of is that your server might need the full certificate trust chain, instead of just the 'leaf' cert itself. Can you ensure that your certificate authorities are installed correctly (or just use the --cafile option), and that you have a full trust chain for your personal cert? That way, openconnect will *offer* that chain on the wire, which might help with authentication. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20131105/2721dbc4/attachment.bin>