Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Certificate failure on Windows 8.1

We are receiving a "certificate validation failure" when checking for a machine certificate to authenticate to VPN.

The have the client and profile  working find on various window version including win 8, but when we started deploying it on Win 8.1 we are receiving the certificate failure.

Anyone know how to debug certificate validation failures?  Are there any compability issue or bugs with Win 8.1 and machine certificate checks.

We are running Cisco AnyConnect v3.1.03103.

In the AnyConnect Connection Profile we have AAA (Radius) and Certificate selected as the authentication method.  We also have some certificate matching parameters enable on the anyconnect client profile.

Please help.


New Member

Certificate failure on Windows 8.1

Did you get any solution?  I would appreciate if you could share it.


New Member

I ran into this exact same

I ran into this exact same issue. Using both AAA and Certificate authentication the Windows 7 machines worked just fine. But once my customer started using Windows 8.1 those systems would fail to connect with the error message "Certificate Validation Failure".


TAC discovered that the following encryption types were missing from the ASA. These had probably been removed from the config long ago and never caused an issue until they started rolling out Windows 8.1.

Adding the following command to the ASA resolved the issue:

ssl encryption aes256-sha1  aes128-sha1  3des-sha1  rc4-sha1 rc4-md5

CreatePlease login to create content