Had done both (with and without the no-cert-check) after the exports to myca.crt and same problem. Will see to capture the traffic. Any preferred format or tool? cheers Christof On 11/05/2013 04:53 PM, David Woodhouse wrote: > Can you drop the --no-cert-check argument to openconnect now? Can you also capture the traffic between client and server when the Cisco client successfully connects, and when OpenConnect fails? I believe the *certificates* are sent in the clear, and that ought to be enough.
