Spinning in "Refreshing wait.html after 1 second" Loop (CSD Verification)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Here it is with -vv and set -x:

> + sh connect.sh
> [sudo] password for <USER>: 
> POST https://<HOSTNAME>/
> Attempting to connect to server <ADDRESS>:<PORT>
> Connected to <ADDRESS>:<PORT>
> SSL negotiation with <HOSTNAME>
> Server certificate verify failed: signer not found
> Connected to HTTPS on <HOSTNAME>
> Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Keep-Alive
> Date: Mon, 08 Oct 2018 11:33:07 GMT
> X-Frame-Options: SAMEORIGIN
> X-Aggregate-Auth: 1
> HTTP body chunked (-2)
> XML POST enabled
> GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> --2018-10-08 04:33:07--  https://<HOSTNAME>/CACHE/sdesktop/hostscan/linux_x64/manifest
> Resolving <HOSTNAME> (<HOSTNAME>)... Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Close
> Date: Mon, 08 Oct 2018 11:33:07 GMT
> X-Frame-Options: SAMEORIGIN
> HTTP body chunked (-2)
> Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
> <ADDRESS>
> Connecting to <HOSTNAME> (<HOSTNAME>)|<ADDRESS>|:<PORT>... connected.
> WARNING: The certificate of ?<HOSTNAME>? is not trusted.
> WARNING: The certificate of ?<HOSTNAME>? hasn't got a known issuer.
> HTTP request sent, awaiting response... 200 OK
> 
>     The file is already fully retrieved; nothing to do.
> 
> Got 6 files in manifes, locally found 6
> /home/<USER>/.cisco/hostscan/bin/cscan: OK
> /home/<USER>/.cisco/hostscan/bin/cstub: OK
> /home/<USER>/.cisco/hostscan/lib/libcsd.so: OK
> /home/<USER>/.cisco/hostscan/lib/libhostscan.so: OK
> /home/<USER>/.cisco/hostscan/lib/libinspector.so: OK
> /home/<USER>/.cisco/hostscan/lib/tables.dat: OK
> Launching: /home/<USER>/.cisco/hostscan/bin/cstub -log error -ticket "<TICKET>" -stub "0" -group "" -host "https://<HOSTNAME>/CACHE" -certhash "<CERTHASH>:"
> No value set for `/system/proxy/secure_host'
> No value set for `/system/http_proxy/host'
> GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> SSL negotiation with <HOSTNAME>
> Server certificate verify failed: signer not found
> Connected to HTTPS on <HOSTNAME>
> Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Close
> Date: Mon, 08 Oct 2018 11:33:09 GMT
> X-Frame-Options: SAMEORIGIN
> HTTP body chunked (-2)
> Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
> GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> SSL negotiation with <HOSTNAME>
> Server certificate verify failed: signer not found
> Connected to HTTPS on <HOSTNAME>
> Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Close
> Date: Mon, 08 Oct 2018 11:33:10 GMT
> X-Frame-Options: SAMEORIGIN
> HTTP body chunked (-2)
> Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
> GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> SSL negotiation with <HOSTNAME>
> Server certificate verify failed: signer not found
> Connected to HTTPS on <HOSTNAME>
> Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Close
> Date: Mon, 08 Oct 2018 11:33:11 GMT
> X-Frame-Options: SAMEORIGIN
> HTTP body chunked (-2)
> Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
> GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> SSL negotiation with <HOSTNAME>
> Server certificate verify failed: signer not found
> Connected to HTTPS on <HOSTNAME>
> Got HTTP response: HTTP/1.1 200 OK
> Content-Type: text/html; charset=utf-8
> Transfer-Encoding: chunked
> Cache-Control: no-cache
> Pragma: no-cache
> Connection: Close
> Date: Mon, 08 Oct 2018 11:33:12 GMT
> X-Frame-Options: SAMEORIGIN
> HTTP body chunked (-2)
> Refreshing +CSCOE+/sdesktop/wait.html after 1 second...




On Wed, Oct 03, 2018 at 04:18:55AM -0700, Neil E. Hodges wrote:
> Hello,
> 
> I've been trying to connect to my workplace's VPN for the first time all
> morning and haven't had much luck: it just spins in "refreshing
> ...wait.html after 1 second" indefinitely.  Here's the script I've put
> together based on everything I've found:
> 
> > exec sudo openconnect \
> >     --user <USERNAME> \
> >     --cert-expire-warning 15 \
> >     --servercert '<CERTKEY>' \
> >     --os win \
> >     --csd-user <USERNAME> \
> >     --csd-wrapper '/usr/local/bin/csd-wrapper.sh' \
> >     https://<HOSTNAME>
> 
> The --servercert argument is what openconnect told me to set it as after
> the first time, and csd-wrapper.sh has been updated with the
> CSD_HOSTNAME=<HOSTNAME>.  The log output is at the bottom of this
> message.
> 
> I've heard folks saying that if the VPN admins disable Linux support, a
> different certificate is needed, and that they grabbed the certificate
> from a Windows box via JailBreak.  I have JailBreak installed and a
> Windows box that has connected to the same VPN host, but I have no idea
> what to look for in the certificate store.  Does this seem like it might
> help?  If so, where in the certificate store should I look, and what
> should I look for with respect to the certificate name?  If not, what
> else should I try?
> 
> Here's the version info.  It's on a Debian 9.5 system that was just set
> up a few days ago.
> 
> > OpenConnect version v7.08                                                                                                                                                    
> > Using GnuTLS. Features present: PKCS#11, RSA software token, HOTP software token, TOTP software token, Yubikey OATH, System keys, DTLS 
> 
> Thank you,
> 
> - Neil
> 
> > POST https://<HOSTNAME>/
> > Connected to <SERVER_IP>:443
> > SSL negotiation with <HOSTNAME>
> > Server certificate verify failed: signer not found
> > Connected to HTTPS on <HOSTNAME>
> > XML POST enabled
> > GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> > --2018-10-03 04:07:56--  https://<HOSTNAME>/CACHE/sdesktop/hostscan/linux_x64/manifest
> > Resolving <HOSTNAME> (<HOSTNAME>)... <SERVER_IP>
> > Connecting to <HOSTNAME> (<HOSTNAME>)|<SERVER_IP>|:443... Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
> > connected.
> > WARNING: The certificate of ?<HOSTNAME>? is not trusted.
> > WARNING: The certificate of ?<HOSTNAME>? hasn't got a known issuer.
> > HTTP request sent, awaiting response... 200 OK
> > 
> >     The file is already fully retrieved; nothing to do.
> > 
> > Got 6 files in manifes, locally found 6
> > /home/<USERNAME>/.cisco/hostscan/bin/cscan: OK
> > /home/<USERNAME>/.cisco/hostscan/bin/cstub: OK
> > /home/<USERNAME>/.cisco/hostscan/lib/libcsd.so: OK
> > /home/<USERNAME>/.cisco/hostscan/lib/libhostscan.so: OK
> > /home/<USERNAME>/.cisco/hostscan/lib/libinspector.so: OK
> > /home/<USERNAME>/.cisco/hostscan/lib/tables.dat: OK
> > Launching: /home/<USERNAME>/.cisco/hostscan/bin/cstub -log error -ticket "<TICKET>" -stub "0" -group "" -host "https://<HOSTNAME>/CACHE" -certhash "<CERTHASH>"
> > No value set for `/system/proxy/secure_host'
> > No value set for `/system/http_proxy/host'
> > GET https://<HOSTNAME>/+CSCOE+/sdesktop/wait.html
> > SSL negotiation with <HOSTNAME>
> > Server certificate verify failed: signer not found
> > Connected to HTTPS on <HOSTNAME>
> > Refreshing +CSCOE+/sdesktop/wait.html after 1 second...



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux