SNX connection from command line fails with "SNX: Authentication failed" when using a certificate

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk101588
Technical Level
Product	SSL Network Extender
Version	R75.40 (EOL), R76 (EOL), R77 (EOL), R77.10 (EOL), R77.20, R77.30 (EOL), R80.10 (EOL)
OS	Linux, macOS
Platform / Model	Intel/PC
Date Created	13-Jul-2014
Last Modified	20-Aug-2020

Symptoms

The SNX connection from command line "snx -l <CA_Dir> -s <Server>" fails with "SNX: Authentication failed" when authenticating with a user certificate.
The SNX connection from command line succeeds when authenticating with a username and password (snx -u <User> -s <Server>).

SNX debug ('snx -g ...') shows in snx.elg file:

process_trusted_cas: processing TrustedCAs
process_trusted_cas: TrustedCAs dir opened ok
process_trusted_cas: processing file <Certificate_Issuer_CN>.pem
DecodeBufFromFile: Couldn't read from file -  certs/
/<Certificate_Issuer_CN>.pem
process_trusted_cas: get buf from file failed

Cause

Incorrect parsing of the path to the certificate file. Since the SNX client could not read the certificate, it does not trust the certificate presented by the Security Gateway, and the SSL negotiation fails.

Solution

Note: To view this solution you need to Sign In .