How to setup VPN to trust specific expired certificate

ntg

1/14/23, 11:33 AM

The certificate for a specific vpn server I need to be accessing has expired. It is a server from my work, and I keep bugging our overloaded admin to update it. So far and until he does, I have to always tell ubuntu I "know what I am doing" but sometimes I am in a hurry and do not fully check that it looks correct, so this is a potential problem.

I know and trust the holder of the certificate even though its expired, but have no control to change the expired certificate. Is there a way to set this particular certificate as trusted? I understand this is a bad idea, but the alternative solution is also a bad idea.

I think am using what should be the default for Ubuntu 20.04.03 LTS, (Set it up from settings-->Network--> VPN <clicked +> with protocol VPN Protocol being Cisco AnyConnect or openconnect)

120

0 + 0

vpn

certificates

muru

1/14/23, 11:43 AM

What are you using to connect to this VPN?

ntg

1/14/23, 12:47 PM

the default available, with openconnect i think... added 2 screenshots

Thomas Ward

1/14/23, 3:41 PM

Expired certificates cannot be trusted when using AnyConnect - it's an issue that you can't override on the local side of things. AnyConnect / OpenConnect spec details that the certificate has to be valid to work. The SSL checks are hardcoded into the protocol and client, and can't be overridden globally.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to setup VPN to trust specific expired certificate

TH: วิธีตั้งค่า VPN ให้เชื่อถือใบรับรองที่หมดอายุแล้ว

RO: Cum să configurați VPN pentru a avea încredere în un anumit certificat expirat

RU: Как настроить VPN так, чтобы он доверял определенному сертификату с истекшим сроком действия

VI: Cách thiết lập VPN để tin cậy chứng chỉ hết hạn cụ thể

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.