4,339
edits
no edit summary
iwu |
No edit summary |
||
| Line 1: | Line 1: | ||
= Juniper Pulse Secure client = | |||
{{testedon|2020-04-22|CentOS 7.7.1908}} | |||
First, get the CA certificate file to get rid of the following error: | |||
<code>Server certificate verify failed: signer not found</code> | |||
<source lang="console"> | |||
echo -n | openssl s_client -connect vpn.myuniversity.edu:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/certs/myschool-vpn-cafile.crt | |||
</source> | |||
Then grab the --servercert sha256:whateverhexcodehere that shows up when you execute the following line: | |||
<source lang="console"> | |||
$ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --juniper https://vpn.myuniversity.edu | |||
</source> | |||
Disconnect using <code>ctrl-c</code> and then add the --servercert param: | |||
<source lang="console"> | <source lang="console"> | ||
$ sudo openconnect --authgroup=colleges --user=skan --juniper https://vpn.myuniversity.edu | $ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --servercert sha256:043c3a132f34d87ba8c507f21d775a08dc1d85aa3f2d782996d66d17865af2e0 --juniper https://vpn.myuniversity.edu | ||
</source> | </source> | ||