![]() trusted by browsers), so we can safely trust it by specifying the CA file after exporting it from Ke圜hain:ĭetermine the name your root certificate (i.e. The self-signed cert is actually the root certficate and (hopefully) is one with implicit trust (i.e. (Optional) When connecting to your SSL VPN, openconnect may complain about a "self-signed certificate" being in the chain and force you to explicitly accept it every time. sudo visudo -f /etc/sudoersĪnd added this line: %admin ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect ![]() So, I added password-less sudo ability for the openconnect command. (Optional) Running openconnect requires sudo, presumably because it affects resolution of DNS. ![]() OpenConnect can be installed via homebrew: brew update And by "conflicts", I mean it causes a grey-screen-of-death kernel panic anytime you connect to the VPN and Pow is installed.Īs an alternative, there is OpenConnect, a command-line client for Cisco's An圜onnect SSL VPN. Unfortunately, the Cisco An圜onnect client for Mac conflicts with Pow.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |