Get the following error when establishing a VPN connection (see below for error and specs). I see that my version of CentOS is only listed as compatable not qualified. I dont neccesarily want to drop back to CentOS 7.4. Is it possible to get a 8.2 release of Pulse Connect to try which is listed as compatiable with my version of CentOS or is there a work around for getting Pulse Connect 9.04 to work?
Update:
Tried Ubuntu 18.05 with Pulse Connect 9.0 and same issue occurs despite this being listed as a qualified config.
Any guidance on this is greatly appreciated.
Centos 7.6.1810
Kernel 3.10.0-957
Pulse Version: 9.0R4(943)
Unable to load page
Problem occurred while loading the URL...
Unacceptable TLS certificate
If you you try to connect via browser do you receice any SSL/TLS certificate error?
This issue can happen if your VPN server doesn't provide the entire certifcate chain.
Tipically what you need to do is to add the intermediate CA that has signed your certificate under
System > Configuration > Device Certificate > Intermediate CAs
The dashboard which I used is limited, basically just provides a point to kick of the desktop client from. I will contact the admin team reponsible for our PulseConnect, I would assume they have the options you mentioned.
You mentioned SSL/TLS certification errors, when I first navigate to the dashboard before I get to login, I must trust the connection through the browser. When using the Windows App for the first time, you accept a self signed certificate. But this isnt an option when using the linux app.
Ok, from what you are telling it seems that you company use a self-sign or a certificate siged by a private CA
If the certificate is sigend by a private CA you should follow the steps 5 to 8 of this KB in order to import the CA to your linux machine
https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB40278
Hey Guys,
Apparently the company use Public CA.
They have provided me with a .crt in which I have tried the following without any success. Still get the same error. Am I on the right tracks or do I require anything else?
Well.... if your company use a Public CA then the issue should be related to the fact that your administrator doesn't has imported the Intermediate CA to the PSA
This mean that when you connect to your server fqdn, the server doesn't give you the entire certificate chain.
We can check this by using the openssl.
openssl s_client -connect <your_fqdn>:443
Can you post the result?