The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
SNX connection from command line fails with "SNX: Authentication failed" when using a certificate
SSL Network Extender
R75.40, R76, R77, R77.10, R77.20, R77.30, R80.10
Platform / Model
The SNX connection from command line "snx -l <CA_Dir> -s <Server>" fails with "SNX: Authentication failed" when authenticating with a user certificate.
The SNX connection from command line succeeds when authenticating with a username and password (snx -u <User> -s <Server>).
SNX debug ('snx -g ...') shows in snx.elg file:
process_trusted_cas: processing TrustedCAs
process_trusted_cas: TrustedCAs dir opened ok
process_trusted_cas: processing file <Certificate_Issuer_CN>.pem
DecodeBufFromFile: Couldn't read from file - certs/
process_trusted_cas: get buf from file failed
Incorrect parsing of the path to the certificate file. Since the SNX client could not read the certificate, it does not trust the certificate presented by the Security Gateway, and the SSL negotiation fails.