On Fri, Dec 1, 2017 at 4:27 AM, David Woodhouse <dwmw2 at infradead.org> wrote: > On Fri, 2017-12-01 at 12:58 +0100, Union wrote: >> >> In the past I could successfully connect with the pfx certificate to >> the ASA server with openconnect. >> >> But last couple of weeks this doesn't work anymore. It seems >> connection is established, but at the end, it just throw out the login >> entry (more details in the attachment). > > I take it the certificate hasn't expired? > > The primary version of OpenConnect isn't on github, btw. I'm not sure > which one you're looking at, but it shouldn't make much difference; > this hasn't changed for a while. This might be in reference to my GlobalProtect fork/wayward sheep. Someone recently opened and then immediately closed an issue on client cert handling: https://github.com/dlenski/openconnect/issues/71 (I haven't changed the cert handling in any way?) -Dan
