Guest

Preview Tool

Cisco Bug: CSCuo20197 - "CSD prelogin verification failed" with self-signed cert on ASA

Last Modified

Feb 21, 2018

Products (1)

  • Cisco AnyConnect Secure Mobility Client

Known Affected Releases

3.1(5160)

Description (partial)

<B>Symptom:</B>
AnyConnect stand-alone client prints "Posture Assessment Failed: Hostscan CSD prelogin 
verification failed"


libcsd.log will show the following cert mismatch:

[Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_verify_cert_hash_check] Using SHA1 hash algorithm.
[Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(A8FA1795911F0465B3B92BD422205825F2073CB8)
[Wed Apr 09 16:37:57.036 2014][libcsd][warn][hs_transport_winhttp_verify_cert_hash_check] Fingerprints do not match: Given(634AA72DDC7D71DA345D07A7FDA57E9F0833595E) != Computed(720FC733FD488B0E77133E62A8B4AAD2AAC7A01F)
[Wed Apr 09 16:37:57.036 2014][libcsd][debug][hs_transport_winhttp_probe] Verify cert hash failed!

<B>Conditions:</B>
-This issue was reproduced with hostscan_3.1.05160-k9, on ASA 9.1.4, from AnyConnect version 
3.1.05160
-Clientless webvpn portal does not have this issue.
-ASA uses self-signed certificate
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.