SSL connection failure: The TLS connection was non-properly terminated.
If I connect to our Pulse VPN via protocol=pulse
, but do not enter the PIN of the smartcard directly, but only after about 1 minute, the connection is interrupted:
dominik@host1:~$ sudo openconnect --script=/etc/vpnc/vpnc-script -vvv --certificate="$_url_of_user_cert" --protocol=pulse "https://vpn-gateway/linuxc"
Attempting to connect to server xx.xxx.xxx.xx:443
Connected to xx.xxx.xxx.xx:443
Using PKCS#11 certificate pkcs11:model=JavaCardOS;...;type=cert
Trying PKCS#11 key URL pkcs11:model=JavaCardOS;...;type=private
PIN required for Cryptovision SmartCard
Enter PIN:
Using PKCS#11 key pkcs11:model=JavaCardOS;...;type=private
Using client certificate 'Schütz Dominik'
Adding supporting CA 't.company Smartcard CA xxxx'
SSL negotiation with vpn-gateway
SSL connection failure: The TLS connection was non-properly terminated.
Failed to complete authentication
dominik@host1:~$
I have the same problem with protocol=nc
:
dominik@host1:~$ sudo openconnect --script=/etc/vpnc/vpnc-script --certificate="$_url_of_user_cert" --protocol=nc --no-dtls "https://vpn-gateway/linuxc"
GET https://vpn-gateway/linuxc
Connected to xx.xxx.xxx.xx:443
PIN required for Cryptovision SmartCard
Enter PIN:
Using client certificate 'Schütz Dominik'
SSL negotiation with vpn-gateway
SSL connection failure: The TLS connection was non-properly terminated.
Failed to open HTTPS connection to vpn-gateway
Failed to complete authentication
dominik@host1:~$
I have installed the following two packages "openconnect_9.01+138+g09d9f6fa-0+148.1_amd64.deb" and "libopenconnect5_9.01+138+g09d9f6fa-0+148.1_amd64.deb" from the latest git HEAD (https://download.opensuse.org/repositories/home:/bluca:/openconnect/Ubuntu_22.04/amd64/). But I also had the error with the original v9.01-0+9.1 version (https://download.opensuse.org/repositories/home:/bluca:/openconnect:/release/Ubuntu_22.04/amd64/).