On Mon, Jun 27, 2016 at 7:40 AM, Yick Xie <yick.xie at gmail.com> wrote: > Hello Nikos, > Today I just ungraded the gnutls to 3.4.13, but this problem still > existed. Even I just self signed two certs based on 2 domains such as > a.domain.com and b.domain.com. When connecting via the second cert, > the AnyConnect client always poped up "Certificate does not match the > server name". I have already added the dns_name and kept it same as > CN. Is there something I missed in the configuration? What does openconnect client do? Does it use the correct certificate?