Hi, I am trying to connect to Juniper VPN. The authentication process is successful all the way through including the prompt for the rsa key fob. Openconnect logs into the VPN and I can observe another machine being forced to log out because of that (which is a good thing). However, in the end it throws the SSL error. Please see the log below. Is there something that I can do to fix it? Thanks. Oleg. ubuntu at ubuntu:~/Documents$ sudo openconnect -v --juniper --disable-ipv6 --cafile=ssl.crt junipervpn.company.com WARNING: Juniper Network Connect support is experimental. It will probably be superseded by Junos Pulse support. GET https://junipervpn.company.com/ Attempting to connect to server 204.99.18.155:443 SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Certificate from VPN server "junipervpn.company.com" failed verification. Reason: unable to get local issuer certificate Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 302 Found Location: https://junipervpn.company.com/dana-na/auth/url_default/welcome.cgi Content-Type: text/html; charset=utf-8 Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure Set-Cookie: DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure Set-Cookie: DSSignInURL=/; path=/; secure Connection: close Content-Length: 0 HTTP body length: (0) GET https://junipervpn.company.com/dana-na/auth/url_default/welcome.cgi SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Wed, 11 Mar 2015 18:20:50 GMT x-frame-options: SAMEORIGIN Connection: close Pragma: no-cache Cache-Control: no-store Expires: -1 HTTP body http 1.0 (-1) frmLogin realm [Company Users|Other Users]:Company Users frmLogin username:myusername password: POST https://junipervpn.company.com/dana-na/auth/url_default/login.cgi SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 302 Moved location: https://junipervpn.company.com/dana-na/auth/url_default/welcome.cgi?p=more-cred&id=state_1521c91dcc06202c333fd6fe3361253c Content-Type: text/html; charset=utf-8 Connection: close Pragma: no-cache Cache-Control: no-store Expires: -1 HTTP body http 1.0 (-1) GET https://junipervpn.company.com/dana-na/auth/url_default/welcome.cgi?p=more-cred&id=state_1521c91dcc06202c333fd6fe3361253c SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Wed, 11 Mar 2015 18:21:05 GMT Connection: close Pragma: no-cache Cache-Control: no-store Expires: -1 HTTP body http 1.0 (-1) frmLogin password#2: POST https://junipervpn.company.com/dana-na/auth/url_default/login.cgi SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 302 Moved Set-Cookie: DSASSERTREF=x; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure Set-Cookie: DSID=18cbe9dc0a531e43669bd0945ce090a2; path=/; secure Set-Cookie: DSFirstAccess=1426098079; path=/; secure Date: Wed, 11 Mar 2015 18:21:19 GMT location: https://junipervpn.company.com/dana/home/starter0.cgi?check=yes Content-Type: text/html; charset=utf-8 Connection: close Pragma: no-cache Cache-Control: no-store Expires: -1 Content-Length: 0 HTTP body length: (0) GET https://junipervpn.company.com/dana/home/starter0.cgi?check=yes SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 200 OK Content-type: text/html; charset=utf-8 Set-Cookie: DSLastAccess=1426098079; path=/; Secure Connection: close Pragma: no-cache Cache-Control: no-store Expires: -1 HTTP body http 1.0 (-1) SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 200 OK Content-type: application/octet-stream Pragma: no-cache NCP-Version: 3 Set-Cookie: DSLastAccess=1426098080; path=/; Secure Connection: close SSL negotiation with junipervpn.company.com Server certificate verify failed: unable to get local issuer certificate Connected to HTTPS on junipervpn.company.com Got HTTP response: HTTP/1.1 200 OK Content-type: application/octet-stream Pragma: no-cache NCP-Version: 3 Set-Cookie: DSLastAccess=1426098080; path=/; Secure Connection: close 0000: 13 00 00 04 00 00 00 06 00 75 62 75 6e 74 75 bb 0010: 01 00 00 00 00 Server response to hostname packet is error 0x08 Creating SSL connection failed
