Guest

Preview Tool

Cisco Bug: CSCuo14790 - AnyConnect IKEv2 and SSL fail if server cert has IKE Intermediate EKU

Last Modified

Mar 01, 2018

Products (1)

  • Cisco AnyConnect Secure Mobility Client

Known Affected Releases

3.1(5152)

Description (partial)

Symptom:
This is a request to fix AnyConnect to make it consistent with AnyConnect Release Notes which say that "If the server certificate contains an EKU, the attributes must contain serverAuth or ikeIntermediate". Currently it displays a certificate warning to a user if the server certificate contains ikeIntermediate Extended Key Usage certificate extension (EKU) 1.3.6.1.5.5.8.2.2.

Conditions:
AnyConnect 3.1.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.