Search the "System Roots" keychain to find your root certificate and select itįile > Export Items. visit your SSL VPN in Chrome, click the green lock, click "Certificate Information") trusted by browsers), so we can safely trust it by specifying the CA file after exporting it from Ke圜hain:ĭetermine the name your root certificate (i.e. The self-signed cert is actually the root certficate and (hopefully) is one with implicit trust (i.e. ![]() (Optional) When connecting to your SSL VPN, openconnect may complain about a "self-signed certificate" being in the chain and force you to explicitly accept it every time. sudo visudo -f /etc/sudoersĪnd added this line: %admin ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect So, I added password-less sudo ability for the openconnect command. (Optional) Running openconnect requires sudo, presumably because it affects resolution of DNS. OpenConnect can be installed via homebrew: brew update ![]() ![]() And by "conflicts", I mean it causes a grey-screen-of-death kernel panic anytime you connect to the VPN and Pow is installed.Īs an alternative, there is OpenConnect, a command-line client for Cisco's An圜onnect SSL VPN. Unfortunately, the Cisco An圜onnect client for Mac conflicts with Pow.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |