Date: Oct 10, 2013
By: Mike Khzouz (Mike@bostonIT.com)
Scenario:
When using the Linux Cisco AnyConnect client x64 (like MAC, Ubuntu, Redhat RHEL and Debian) you might get the error above or if you connect through command like you might get the following errors:

Resolution:
1- Before you start troubleshooting the issue on the client side, make sure SSL certificates are installed and configured properly on the ASA. Go to http://www.digicert.com/help/ and test your server SSL certificate, if you see any issues, talk to your system admin to fix. In addition to your company SSL certificate, intermediate certificate from the ssl provider needs to be installed on the asa too, and that web tool can show you any issues in that regard (this is a common issue - missing intermediate cert) .
2- Important: Upgrade to the latest Cisco AnyConnect client. You can download that from the cisco TAC site but you need a username and a password. The latest version of Anyconnect as of this article is 3.1.04066.
3- In one of the cases the Cisco ASA had a Go Daddy SSL Certificate. Copying Go Daddy certificate from that Linux SSL Certificate folder to Cisco SSL certificate folder on the linux machine forced Anyconnect to trust that certificate.
sudo cp /etc/ssl/certs/Go* /opt/.cisco/certificates/ca/
If you are using a different 3rd party SSL certificate on the ASA, then you need to copy that certificate the same way
You can also copy all the certificates from /etc/ssl/certs/ to /opt/.cisco/certificates/ca/ if you are not sure what certificate you are using.
If you get this error in Windows make sure you stop Internet Sharing service in Windows services
If you find this article helpful, please click to like our facebook page below so we can keep on adding quality hands-on articles.