Anyconnect 'The server certificate received or its chain does not comply with FIPS'

Document

Dec 1, 2010 3:08 PM
Dec 1st, 2010

The following message is displayed during a failed anyconnect attempt:

"The server certificate received or its chain does not comply with FIPS. A VPN Connection will not be established"

You may want to check the Anyconnect Local Policy on the affected machine.

The AnyConnectLocalPolicy.xml can be found in the following directory on Windows XP:

C:\Documents and Settings\All Users\Application Data\Cisco\Cisco AnyConnect VPN Client

For Windows 7 or Vista:

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client

Edit the 'AnyConnectLocalPolicy.xml' file so that the Fips Mode is set to false:
e.g.
  <FipsMode>false</FipsMode>

Save the changes and launch another anyconnect session.
A reboot of the PC may be necessary in some cases.

References-------

http://www.cisco.com/en/US/products/ps8411/prod_configuration_examples_list.html

Average Rating: 5 (2 ratings)

Actions

Login or Register to take actions

This Document

Posted December 1, 2010 at 3:08 PM
Stats:
Comments:0 Avg. Rating:5
Views:8171 Contributors:0
Shares:0
Categories: AnyConnect
+

Related Content

Documents Leaderboard

Rank Username Points
1 65
2 56
3 55
4 30
5 24
Rank Username Points
10