After upgrading AnyConnect package on AS from 3.0 to 3.1 getting error that the certificate is untrusted and have to accept the certificate when trying to automatically login to the website. Is it possible to disable the strict trust setting to avoid this error?
It is strongly recommended that Strict Certificate Trust for the AnyConnect client is enabled for the following reasons:
•With the increase in targeted exploits, enabling Strict Certificate Trust in the local policy helps prevent man in the middle attacks when users are connecting from untrusted networks such as public-access networks.
•Even if you use fully verifiable and trusted certificates, the AnyConnect client, by default, allows end users to accept unverifiable certificates. If your end users are subjected to a man-in-the-middle attack, they may be prompted to accept a malicious certificate. To remove this decision from your end users, enable Strict Certificate Trust.