Can't connect to VPN

This should be resolved when IT starts working. (It’s annoying to me though, because I like to start at 0630.)

Yesterday I tried to connect to VPN and my browser told me the certificate expired. I told my browser to trust the site. When I again tried to connect I received this error:

Unexpected error: DynamicClientBase: Trust problem: dynamic profile is trusted by None but parent is trusted by u’vpn.[domain name]'

I just want to be sure: There’s nothing I can do as a user to resolve this, right?

No familiarity with the products you’re using, but my suspicion on general principles is that no, you can’t fix this unless you can find and install current certs from a trusted source.

You can tell the browser to disregard the certificate issue, although it will kvetch a bit. But that doesn’t extend to the VPN client, which (rightly) can’t be told to disregard a cert problem. Because certificate-authenticated encryption is the whole reason for the VPN to exist. Logically, you can’t allow users to handwave a security issue in a security product

And since “find and install current certs” has to involve a secure data path (so you don’t install Trojan certificates from an untrusted source), if your current cert is bad, you can’t use it to download a good certificate.

I just called the office (after sending an email to the ‘Help’ mailing list – I can access our webmail, so I know it’s not my password) and the person on the Help list I wanted to talk to is also having a problem connecting. It’s 0830, and I’ve lost two hours of work! :frowning:

It does sound like you’re dealing with an expired cert on the server this time. Someone’s Security Officer slipped up. I have encountered the same problem when the time on the local computer has been far enough out of sync.

Just got an SMS to try logging in. No joy. Other people are also unable to connect.

Just got a message saying IT is renewing the certificate – and they’ve put in a three weeks in advance reminder for next year.

Ah, an expired server cert. That’s definitely “not user serviceable.”

Sorry 'bout the productivity loss.

Four freakin’ hours! :mad:

(It’s the first of the month, so I’m being bombarded with November month-end data.)