Cisco Bug: CSCuo20197 - "CSD prelogin verification failed" with self-signed cert on ASA
Last Modified
Nov 27, 2020
Products (1)
- Cisco AnyConnect Secure Mobility Client
Known Affected Releases
3.1(5160)
Description (partial)
<B>Symptom:</B> AnyConnect stand-alone client prints "Posture Assessment Failed: Hostscan CSD prelogin verification failed" libcsd.log will show the following cert mismatch: [Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_verify_cert_hash_check] Using SHA1 hash algorithm. [Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(A8FA1795911F0465B3B92BD422205825F2073CB8) [Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(720FC733FD488B0E77133E62A8B4AAD2AAC7A01F) [Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_probe] Verify cert hash failed! <B>Conditions:</B> -This issue was reproduced with hostscan_3.1.05160-k9, on ASA 9.1.4, from AnyConnect version 3.1.05160 -Clientless webvpn portal does not have this issue. -ASA uses self-signed certificate
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases