vlaci / openconnect-sso

Wrapper script for OpenConnect supporting Azure AD (SAMLv2) authentication to Cisco SSL-VPNs
GNU General Public License v3.0

Client certificate questions #129

Closed pedroteixeira closed 1 year ago

pedroteixeira commented 1 year ago

Hi, is there an option to specify the client certificate when using openconnect-sso? I would like to try it, but couldn't find it in the docs. Thanks!

vlaci commented 1 year ago

There is no support, but it could be done by changing how the HTTP client is initiated https://github.com/vlaci/openconnect-sso/blob/master/openconnect_sso/authenticator.py#L93

If the browser authentication requires certificates as well, that would be a bit more complicated.


Keep in mind, I no longer have access to a Cisco VPN, so I cannot help actively implementing features or fixing bugs anymore.

pedroteixeira commented 1 year ago

Hm, yes, I guess it's the latter :/ The current scenario is where Cisco AnyConnect / Secure Client uses a certificate at ~/.cisco/certificates/client/myclient.pem as well as SSO with 2FA?

But OK, I will try session.cert (since it might solve it!).

Are you aware of openconnect v9 with network-manager-openconnect now supporting this out of the box? I had the impression it was on the roadmap, but it's hard to upgrade on Ubuntu 20.04 to test.

pedroteixeira commented 1 year ago

I asked for some help internally and the following worked, modifying the authenticator.py class at, to add session.cert:

import requests

def create_http_session(proxy):
    session = requests.Session()
    # client certificate and its private key; replace $USER with your local paths
    session.cert = ('/home/$USER/.cisco/certificates/client/myclient.pem', '/home/$USER/.cisco/certificates/client/private/myclient.key')
    return session
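As an added example (not code from openconnect-sso or from the commenters), the session.cert change above generalised a little: it accepts either a combined PEM or a separate key file, expands `~` and `$VARS` in the paths, and refuses a private key that other users can read, so a misconfigured key is caught before the VPN login instead of failing inside the TLS handshake. The `create_http_session` signature and the proxy handling are assumptions for illustration, not the project's actual code.

```python
import os
import stat
from pathlib import Path
from typing import Optional, Tuple, Union

# What requests accepts in session.cert: a combined PEM path, or (cert, key).
CertSpec = Union[str, Tuple[str, str]]


def resolve_client_cert(cert_path: str, key_path: Optional[str] = None) -> CertSpec:
    """Validate user-supplied certificate paths and return a session.cert value.

    Paths are expanded (~ and $VARS) and must exist. When a separate key is
    given, it must not be group- or world-accessible (hypothetical helper).
    """
    def expand(p: str) -> Path:
        return Path(os.path.expandvars(os.path.expanduser(p))).resolve()

    cert = expand(cert_path)
    if not cert.is_file():
        raise FileNotFoundError(f"client certificate not found: {cert}")
    if key_path is None:
        # single file holding both certificate and key
        return str(cert)

    key = expand(key_path)
    if not key.is_file():
        raise FileNotFoundError(f"client key not found: {key}")
    mode = stat.S_IMODE(key.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"private key {key} is accessible to other users (mode {mode:o})")
    return (str(cert), str(key))


def create_http_session(proxy: Optional[str], cert_path: Optional[str] = None,
                        key_path: Optional[str] = None):
    """Build the HTTP session, optionally presenting a client certificate.

    The proxy handling here is an assumption, not the project's own code.
    """
    import requests  # only the session itself needs requests

    session = requests.Session()
    if proxy:
        session.proxies = {"http": proxy, "https": proxy}
    if cert_path:
        session.cert = resolve_client_cert(cert_path, key_path)
    return session
```

If the SAML browser step also requires the certificate, as vlaci notes above, this session-level setting does not cover it; only the XML auth calls made through requests present the certificate.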