On Mon, 2016-04-04 at 22:09 -0400, Michael Welsh Duggan wrote: > I'm having some difficulties using network-manager-openconnect. > > If I use openconnect directly: > > openconnect -c cert.pfx --authgroup=[GROUP] --no-xmlpost [SERVER] > > everything works just fine. > > When I use network-manager I get the following: > > Server requested SSL client certificate after one was provided > Certificate Validation Failure > > This used to work (many months ago). I don't know whether an update > of > nm was why things changed, or if it was a change of the VPN server at > work. > > I am using network-manager and network-manager-openconnect from > Debian > unstable: > > network-manager 0.9.10.0-1 > network-manager-openconnect 0.9.8.6-1 > > I'm happy to provide more debugging information if someone would tell > me > what to provide.
Hi, When nm-openconnect starts openconnect binary, it runs as a different user. Make sure that that user is able to access the certificate. For example, if you have SELinux enabled, it needs proper labels. Usually that means, the certificate should be in ~user/.certs directory. Try with SELinux permissive mode or search for audit warnings. Thomas
signature.asc
Description: This is a digitally signed message part
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
