SNX connection from command line fails with "SNX: Authentication failed" when using a certificate

Support Center > Search Results > SecureKnowledge Details

Solution ID	sk101588
Product	SSL Network Extender
Version	R75.40, R76, R77, R77.10, R77.20, R77.30, R80.10
OS	Linux, Mac
Platform / Model	Intel/PC
Date Created	13-Jul-2014
Last Modified	03-Sep-2019

Symptoms

The SNX connection from command line "snx -l <CA_Dir> -s <Server>" fails with "SNX: Authentication failed" when authenticating with a user certificate.
The SNX connection from command line succeeds when authenticating with a username and password (snx -u <User> -s <Server>).

SNX debug ('snx -g ...') shows in snx.elg file:

process_trusted_cas: processing TrustedCAs
process_trusted_cas: TrustedCAs dir opened ok
process_trusted_cas: processing file <Certificate_Issuer_CN>.pem
DecodeBufFromFile: Couldn't read from file -  certs/
/<Certificate_Issuer_CN>.pem
process_trusted_cas: get buf from file failed

Cause

Incorrect parsing of the path to the certificate file. Since the SNX client could not read the certificate, it does not trust the certificate presented by the Security Gateway, and the SSL negotiation fails.

Solution

Note: To view this solution you need to Sign In .