Closed pedroteixeira closed 1 year ago
There is no support, but it could be done by changing how the HTTP client is initiated https://github.com/vlaci/openconnect-sso/blob/master/openconnect_sso/authenticator.py#L93
If the browser authentication requires certificates as well, that would be a bit more complicated.
Keep in mind, I no longer has access to a cisco VPN, so cannot help actively implementing features or fixing bugs anymore
hm, yes I guess it's the latter :/ Current scenario where Cisco AnyConnect / Secure Client uses certificate at ~/.cisco/certificates/client/myclient.pem
as well as SSO with 2FA ?
But ok, I will try session.cert (since it might solve it !)
Are you aware of openconnect v9 with network-manager-openconnect
now supporting this out the box? I had impression it was on the roadmap, but hard to upgrade in Ubuntu 20.04 to test
I asked for some help internally and the following worked, modifying the authenticator.py class at, to add session.cert
:
def create_http_session(proxy):
session = requests.Session()
session.cert = ('/home/$USER/.cisco/certificates/client/myclient.pem', '/home/$USER/.cisco/certificates/client/private/myclient.key') # replace $USER, with your local paths
Hi, is there an option to specify the client cerificate when using openconnect-sso? I would like to try it, but couldn't find in the docs. Thanks !