cancel
Showing results for 
Search instead for 
Did you mean: 

Unacceptable TLS certificate

SOLVED
elka
New Contributor

Unacceptable TLS certificate

Hello,

First I'd like to say I did read the related topic https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB43927

My issue is that my connection to the VPN used to work very fine without having the intermediate certificate stored on my Linux (Ubuntu 20.04) until last week, when certificates have been renewed. Ever since I get this error message.

I can't figure out a solution but I am no cybersecurity expert and the IT guy doesn't seem to be helpful with any OS other than Windows...

Any help or advise would be really helpful.

Thanks a lot,

Louis

1 ACCEPTED SOLUTION

Accepted Solutions
elka
New Contributor

Re: Unacceptable TLS certificate

I did eventually get the intermediate certificate from the company so I could add it to my ca-certificate file and it worked !

 

Pulse Version: 9.1R4 (143)

 

Thanks for the answers

View solution in original post

4 REPLIES 4
elka
New Contributor

Re: Unacceptable TLS certificate

EDIT : I tried to connect anyway using the Openconnect plugin fot Network-Manager it doesn't quite work because of the two-factors authentication using Google Authenticator but at least I could connect to the host by ignoring the fact the SSL certificate was not trusted by my linux. How then can I add the certificate to be trusted ? I guess that's the goal of the manipulation consisting of copying the .crt file to

/usr/local/share/ca-certificates

and then updating the ca-certificates. Problem is now that I don't have the certificate .crt file...

Is there anyway to add all certificates from one signer for example to be trusted ?

zanyterp
Moderator

Re: Unacceptable TLS certificate

if you know where it is from, you should be able to find the chain and import it to your ubuntu client
r@yElr3y
Moderator

Re: Unacceptable TLS certificate

@elka What version of Pulse Client being used?

 

@zanyterp Did we not introduce dynamic trust for Linux clients when we started to CEF?

PCS Expert
Pulse Connect Secure Certified Expert
elka
New Contributor

Re: Unacceptable TLS certificate

I did eventually get the intermediate certificate from the company so I could add it to my ca-certificate file and it worked !

 

Pulse Version: 9.1R4 (143)

 

Thanks for the answers

View solution in original post