I am trying to install a certificate on my Cisco ASA 5515. It has my local Windows 2012 CA as a trusted CA. The domain has also had this CA applied to their trusted root.
Whenever I try to connect from the outside via AnyConnect VPN, I get an untrusted certificate error, specifically "Certificate does not match the server name".
The device hostname is vpn, domain name is example.com. The certificate is issued to cn=vpn.example.com, issued by cn=corp-dc1-CA,dc=corp,dc=example,dc=com.
I do have 2 autonomous domains configured: corp.example.com is an internal domain which is not registered with GoDaddy; example.com is registered with GoDaddy.
I used a CSR from the ASA to generate a cert on my CA and installed the new cert on my ASA, but still no luck.
You've probably fixed this now, but the fix I found was to
Make sure you entered the command to associate the trustpoint with the external interface which will receive the VPN requests; this is normally the fix.
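The trustpoint-to-interface binding mentioned in the answer above, as an added ASA CLI example that is not part of the original posts. TRUSTPOINT-NAME is a placeholder for the trustpoint that holds the vpn.example.com identity certificate, and "outside" is assumed to be the nameif of the interface that receives the VPN connections.

```text
! Added example; TRUSTPOINT-NAME and the interface name "outside" are placeholders.

! 1. Check which trustpoint, if any, is currently bound to an interface for SSL.
!    If no "ssl trust-point" line appears, the ASA presents a self-generated
!    certificate instead of the CA-issued one.
show running-config ssl

! 2. Confirm that the identity certificate installed under the trustpoint has
!    the expected subject name (cn=vpn.example.com) and issuer.
show crypto ca certificates

! 3. Bind the trustpoint to the interface that terminates AnyConnect sessions.
configure terminal
 ssl trust-point TRUSTPOINT-NAME outside
 end

! 4. Verify that the binding is now in the running configuration, then save it.
show running-config ssl
write memory
```

After the change, reconnect with AnyConnect using the name vpn.example.com, since the client compares the name it connects to against the name in the certificate.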