Connect with us

Hi, what are you looking for?


AnyConnect: Install a self-signed certificate as a trusted source

AnyConnect: Install a self-signed certificate as a trusted source




The goal of this article is to walk you through creating and installing a self-signed certificate as a trusted source on a Windows machine. This will get rid of the ‘not trusted server’ warning in AnyConnect.

an introduction

The Cisco AnyConnect (VPN) Virtual Private Network (VPN) client provides remote users with a secure VPN connection. Provides the benefits of the Cisco Secure Sockets Layer (SSL) VPN client and supports applications and functions not available for a browser-based SSL VPN connection. Commonly used by remote workers, AnyConnect VPN allows employees to connect to the company’s network infrastructure as if they were physically in the office, even when they aren’t. This adds to the flexibility, mobility and productivity of your workers.

Certificates are important in the communication process and are used to verify the identity of a person or device, authenticate a service, or encrypt files. A self-signed certificate is an SSL certificate signed by its originator.

When connecting to AnyConnect VPN Mobility Client for the first time, users may encounter an β€œUntrusted server” warning as shown in the image below.

Follow the steps in this article to install a self-signed certificate as a trusted source on a Windows machine, to get rid of this issue.

When applying the exported certificate, be sure to place it on the client computer with Anyconnect installed.

AnyConnect software version

Check time settings

As a prerequisite, you need to make sure that your router has the correct time setting, including time zone and daylight saving time settings.

Step 1

Go to System Configuration > Time.

Step 2

Make sure everything is set correctly.

Create a self-signed certificate

Step 1

Log in to the RV34x series router and go to Administration > Certification.

Step 2

Click Create CSR/Certificate.

Step 3

Fill in the following information:

  • Type: self-signed certificate
  • Certificate name: (any name you choose)
  • Subject alternate name: If an IP address will be used on the WAN port, select IP bottom box or FQDN If you are going to use the fully qualified domain name. In the box, enter the IP address or FQDN of the WAN port.
  • Country name (C): Select the country in which the device is located
  • State or Territory Name (ST): Select the state or territory in which the device is located
  • Region name (L): (Optional) Select the region where the device is located. This could be a town, city, etc.
  • Organization Name (O): (Optional)
  • Organizational Unit Name (OU): Company name
  • Common Name (CN): This must match what is set as the subject’s alternate name
  • Email Address (E): (Optional)
  • Key encryption length: 2048
  • Valid term: This is how long the certificate will be valid. The default is 360 days. You can set this to any value you want, up to 10950 days or 30 years.

Click born.

Step 4

Select the certificate just created and click Select as base certificate.

Fifth step

Update the web user interface (UI). Since it’s a new certificate, you’ll need to sign in again. Once logged in, go to VPN > SSL VPN.

Step 6

change certificate file to the newly created certificate.

Step 7

click Progressing.

Install a self-signed certificate

To install a self-signed certificate as a trusted source on a Windows machine, and to get rid of the ‘Untrusted server’ warning in AnyConnect, follow these steps:

Step 1

Log in to the RV34x series router and go to Administration > Certification.

Step 2

Select the default self-signed certificate and click issue button to download your certificate.

Step 3

In the export certificate window, enter a password for your certificate. Re-enter the password in the file confirm password field and then click issued.

Step 4

You will see a popup informing you that the certificate has been successfully downloaded. click OK.

Fifth step

Once the certificate is downloaded to your computer, locate the file and double-click it.

Step 6

the Certificate Import Wizard The window will appear. to me Store location, Determine local machine. click next one.

Step 7

On the next screen, the certificate location and information will be displayed. click next one.

Step 8

Login password You select it for the certificate and click next one.

Step 9

On the next screen, select Put all the certificates in the next store Then click browse.

step 10

Choose Trusted Root Certification Authorities and click OK.

Step 11

click next one.

Step 12

A summary of the settings will be displayed. click finish To import the certificate.

Step 13

You will see a confirmation that the certificate was successfully imported. click OK.

Step 14

Open Cisco AnyConnect and try to connect again. You should no longer see the untrusted server warning.


Here you are! You have now successfully learned the steps to install a self-signed certificate as a trusted source on a Windows machine, to remove the ‘Untrusted server’ warning in AnyConnect.

Additional Resources

Don’t forget to share this post with friends !

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *



ITProPortal . Portal πŸ‘¨β€πŸ’» We live in a dynamic moment in terms of technology. Even criminals are becoming more technically savvy and are using...


Avira Free Antivirus Review for Mac / Windows and Android are the most common targets for malware programmers, but that doesn’t mean macOS is...


Avira Free Security Review You need antivirus protection on all of your devices, whether you’ve budgeted for it or not. If ready cash is...


tech radar πŸ‘¨β€πŸ’» Is free antivirus safe to use? It’s a simple enough question, but there is no simple and short answer as such....