Cisco Bug: CSCuo20197 - "CSD prelogin verification failed" with self-signed cert on ASA

Last Modified

Feb 21, 2018

Products (1)

Cisco AnyConnect Secure Mobility Client

Known Affected Releases

3.1(5160)

Description (partial)

<B>Symptom:</B>
AnyConnect stand-alone client prints "Posture Assessment Failed: Hostscan CSD prelogin 
verification failed"


libcsd.log will show the following cert mismatch:

[Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_verify_cert_hash_check] Using SHA1 hash algorithm.
[Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(A8FA1795911F0465B3B92BD422205825F2073CB8)
[Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(720FC733FD488B0E77133E62A8B4AAD2AAC7A01F)
[Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_probe] Verify cert hash failed!

<B>Conditions:</B>
-This issue was reproduced with hostscan_3.1.05160-k9, on ASA 9.1.4, from AnyConnect version 
3.1.05160
-Clientless webvpn portal does not have this issue.
-ASA uses self-signed certificate

View Bug Details in Bug Search Tool Login Required

Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)
Status
Severity
Known Fixed Releases
Related Community Discussions
Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts