Linux

Cisco AnyConnect on Linux solution to “Authentication failure due to problem verifying server certificate” error message

Byetzion 22/01/202422/01/2024

This is a very technical and a limited solution to Cisco AnyConnect issue with unknown certificate on Linux (Ubuntu 22.04). AnyConnect version is 4.10. I hope this post will help others with a similar problem.

The issue is around SAML authentication (an embedded web browser attempting to complete the authentication process), and its failure to pop up, with the following message

A quick and simple solution is available, and it goes like this:

ADDRESS=URL_OF_VPN
echo | openssl s_client ${ADDRESS}:443 | openssl x509 > ${ADDRESS}.crt
sudo cp ${ADDRESS}.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates

This solution is from this forum post, and I only keep it as a reminder.

Clusters | Linux

Redhat Cluster NFS client service – things to notice

Byetzion 16/01/2009

I encountered an interesting bug/feature of RHCS on RHEL4. A snip of my configuration looks like this: <resources> <fs device=”/dev/mapper/mpath6p1″ force_fsck=”1″ force_umount=”1″ fstype=”ext3″ name=”share_prd” mountpint=”/share_prd” options=”” self_fence=”0″ fsid=”02001″/> <nfsexport name=”nfs export4″/> <nfsclient name=”all ro” target=”192.168.0.0/255.255.255.0″ options=”ro,no_root_sqush,sync”/> <nfsclient name=”app1″ target=”app1″ options=”rw,no_root_squash,sync”/> </resources> <service autostart=”1″ domain=”prd” name=”prd” nfslock=”1″> <fs ref=”share_prd”> <nfsexport ref=”nfs export 4″> <nfsclient ref=”all ro”/>…

Linux | Scripting/Programming

Linux inetd and shell input redirection

Byetzion 11/07/2008

I was required to write a small listener. This listener doesn’t have to do anything fancy – it has to process input from a network source (over TCP) and shove it into a file with random name. The quick and dirty solution is to use netcat (nc). A short command such as this would do…

Linux

Juniper Network Connect with Ubuntu 11.10 x86_64

Byetzion 08/03/2012

This is a tricky one. I have had to waste a lot of time. The trick is to use 32bit browser (extract firefox into $HOME/firefox and run it from there. Details below), and a full JDK package from Sun. JRE is not good enough! I have a $HOME/bin/firefox32 script which looks like this: #!/bin/bash exec…

Disk Storage | Laptop | Linux

Ubuntu 18.04 and TPM2 encrypted system disk

Byetzion 27/05/201919/01/2022

*** EDIT *** : An updated version of this post can be found here: https://run.tournament.org.il/ubuntu-20-04-and-tpm2-encrypted-system-disk/ When you encrypt your entire disk, you are required to enter your passphrase every time you boot your computer. The TPM device has a purpose – keeping your secrets secure (available only to your running system), and combined with SecureBoot,…

Disk Storage | Linux

Better iostat visibility of ZFS vdevs

Byetzion 04/07/202111/03/2023

All ZFS users are familiar with ‘zpool iostat’ command, however, it is not easily translated into Linux ‘iostat’ command. Using large pools with many disks will result in a mess, where it’s hard to identify which disk is which, and going to a translation table from time to time, to identify a suspect slow disk….

Clusters | Disk Storage | Linux | RedHat Cluster

HA ZFS NFS Storage

Byetzion 29/01/201919/01/2022

I have described in this post how to setup RHCS (Redhat Cluster Suite) for ZFS services, however – this is rather outdated, and would work with RHEL/Centos version 6, but not version 7. RHEL/Centos 7 use Pacemaker as a cluster infrastructure, and it behaves, and configures, entirely differently. This is something I’ve done several times,…

Related posts:

Similar Posts

Leave a Reply Cancel reply