Thanks for the reply. I was able to generate the server cert fingerprint, but I had it wrong, because when I connected in the shell openconnect reported the correct one. Liam On Sun, Apr 19, 2015 at 11:27 AM, David Woodhouse <dwmw2 at infradead.org> wrote: > The -c optiin is for your client certificate, which requires a > corresponding private key is you're going to use it to prove your > identity. > > For a server-side cert you want --servercert. Or just give the server a > proper cert! > > Note that --servercert takes a hash of the cert (which is shown if you ask > for the cert info) not the full cert in a file as you seem to have. > > -- > dwmw2 >
