OpenConnect with Wildcard Cert

Started by dstrobel, July 07, 2018, 09:48:07 PM

Hello,

I am trying to use the OpenConnect plugin to connect to my ASAs at work. We currently have a wildcard cert. I know, bad idea, but it wasn't my choice; I just get to manage it. So I've been trying to get the OpenConnect plugin to work, and it seemed to work for a while, and now it won't connect at all. Nothing seems to be logged and I can't tell that the plugin is even trying to connect.

By chance I happened to reboot one of my OPNsense boxes while watching the console. I saw an error fly by saying something about the openconnect host certificate not matching the connection name given. It looked like there was some suggestion about adding a certificate hash to the startup command.

So my question is, where's the config file and can I put arguments in it?

Thanks



Thank you very much sir. Is there any way I can test for you?

It works ;) When it's merged, you can load the dev version.

How do I load the dev version of just a plugin?

If you wait for 18.1.12 you can install via CLI: pkg install os-openconnect-devel

If you're in a real hurry, via CLI:

opnsense-code plugins
cd /usr/plugins/security/openconnect
make upgrade