Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Certificate Validation Failure when using machine store only

I set up a cisco ASA 5505 for remote access using Cisco AnyConnect Secure Mobility Client.

The clientsoftware is installed on Windows 7 machines

Only IPsec is enabled for access, using (ASA)local userdatabase and certificate (company CA enrolled the certificates).

When in the client profile "Certificate Store" "All" is selected I can connect to the ASA and choose a certificate I want to use to connect. Even when I choose my machine certificate a connection will be established.

Now I set Certificate Store to "Machine".

At this point it is no longer possible to connect to the ASA. I get the error: "certificate validation failure".

"Certificate Store Override" is enabled.

What do I need to do or configure to make it possible that users can only connect using a machine certificate?
The setting "All" in Certificate Store is not acceptable.