AnyConnect: 'The server certificate received or its chain does not comply with FIPS'

Posted December 1, 2010 at 3:08 PM; updated March 16, 2015 at 4:16 PM

Introduction

This document describes a scenario in which a user receives an error message when AnyConnect fails to connect.

The following message is displayed during a failed AnyConnect connection attempt:

 

"The server certificate received or its chain does not comply with FIPS. A VPN Connection will not be established"

 

Resolution

Check the AnyConnect Local Policy on the affected machine.

The AnyConnectLocalPolicy.xml can be found in the following directory on Windows XP:

 

C:\Documents and Settings\All Users\Application Data\Cisco\Cisco AnyConnect VPN Client

 

For Windows 7 or Vista:

 

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client

Edit the 'AnyConnectLocalPolicy.xml' file so that FipsMode is set to false, e.g.:
  <FipsMode>false</FipsMode>

Save the changes and launch another AnyConnect session.
A reboot of the PC may be necessary in some cases.
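
The edit described above can be scripted so that the current value is checked first and a backup copy is kept. This is an added example, not part of the original document or of Cisco's tooling. The function names and the sample policy are constructed for illustration; only the file name, the two directories and the <FipsMode> element come from this document.

```python
import re
import shutil
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

POLICY_NAME = "AnyConnectLocalPolicy.xml"
POLICY_DIRS = [  # directories named in this document
    r"C:\Documents and Settings\All Users\Application Data\Cisco\Cisco AnyConnect VPN Client",  # Windows XP
    r"C:\ProgramData\Cisco\Cisco AnyConnect VPN Client",  # Windows 7 / Vista
]
SAMPLE_POLICY = """<AnyConnectLocalPolicy xmlns="urn:example:constructed">
  <!-- constructed sample; only FipsMode comes from this document -->
  <FipsMode>true</FipsMode>
</AnyConnectLocalPolicy>
"""

def read_fips_mode(path):
    """Return True/False for the FipsMode element, or None if it is absent."""
    for elem in ET.parse(path).iter():
        if elem.tag.rsplit("}", 1)[-1] == "FipsMode":  # match regardless of namespace
            return (elem.text or "").strip().lower() == "true"
    return None

def disable_fips_mode(path):
    """Set FipsMode to false via a text edit; return the .bak path, or None if unchanged."""
    path = Path(path)
    if not read_fips_mode(path):
        return None  # already false, or the element is not present
    text = path.read_text(encoding="utf-8")
    new_text, hits = re.subn(r"(<FipsMode>)\s*true\s*(</FipsMode>)", r"\1false\2", text, flags=re.I)
    if hits != 1:
        raise ValueError("expected exactly one <FipsMode>true</FipsMode>")
    backup = path.with_name(path.name + ".bak")
    shutil.copy2(path, backup)  # keep the original so the setting can be restored
    path.write_text(new_text, encoding="utf-8")
    return backup

def demo():  # runs both functions on the constructed sample in a temp directory
    with tempfile.TemporaryDirectory() as tmp:
        policy = Path(tmp) / POLICY_NAME
        policy.write_text(SAMPLE_POLICY, encoding="utf-8")
        before = read_fips_mode(policy)
        backup = disable_fips_mode(policy)
        return before, read_fips_mode(policy), backup.exists(), policy.read_text(encoding="utf-8")

if __name__ == "__main__":
    found = [Path(d) / POLICY_NAME for d in POLICY_DIRS]
    print([(str(p), read_fips_mode(p)) for p in found if p.exists()])
```

Run as-is, it only reports the FipsMode value of any policy file found in the directories above; call disable_fips_mode on that path to make the change.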

 

 

saggyindigo Tue, 09/02/2014 - 03:22

Hi,

I have the same issue when I try to connect to my VPN. I am using a Linux 32-bit machine.

Please tell me how to fix this issue in Linux.

 

Thanks,
