On Mon, Sep 18, 2017 at 1:24 AM, Miguel Cruz <miguel.cruz at realbytes.be> wrote: > Hi, > > I'm trying to connect to some Cisco Anyconnect server I do not control > but the connection apparently fails during the SSL negotiation. > > I have investigated the issue using openssl and found that the server > only supports TSLv1 with protocol renegotiation disabled. > > Is there any way to specify OpenConnect which SSL/TLS protocol to use? Only if you compile openconnect with the '--with-default-gnutls-priority' option, and then set a priority which only enables TLS1.0. You may want to try tools like gnutls-cli-debug to see whether there can be something done with that server. regards, Nikos
