You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: CantSalomeDown
CantSalomeDown Author
User level: Level 1
1 points

Cisco AnyConnect wants access to os x system keychain

Yosemite 10.10.3 & Cisco AnyConnect Secure Mobility Client version 3.1.07021

OS X wants to make changes. Type an administrator's name and password to allow this. OS X wants to use the "System" keychain.

User uploaded file

If I enter credentials and press allow, the prompt comes back at least two more times before a connection is made, if I click deny the prompt repeats but eventually goes away and allows a connection without authenticating for the "System" keychain. While I can easily work around this by clicking deny, I would prefer to resolve this for the end users.


The same occurs under the guest account.

I have uninstalled and reinstalled several times, and tried the different versions of AnyConnect that are currently available for me to use here.

I had changed the permissions on the /Library/Keychains/System.keychain and that did not resolve

I had modified the permissions on private keys in the system keychain and that did not resolve


I started from scratch with a fresh 10.10.3 build, and the issue persists.

Posted on Apr 14, 2015 12:43 PM

Reply
Question marked as Top-ranking reply
User profile for user: feidakila
feidakila
User level: Level 1
14 points

Posted on Dec 1, 2017 12:04 AM

This solved my issue:


• Launch /Applications/Utilities/Keychain Access

• Select "System" from the Keychains menu in the upper left

• Select "Certificates" from the Category menu in the lower left

• Find the entry that corelates to your computer's name in the list on the right, and click on the disclosure triangle.

• Secondary click on the "Private Key" entry that appears and select "Get Info" from the contextual menu that appears.

• Select the Access Control tab.

• You can then *either* add AnyConnect to the the list at the bottom of the screen (more secure, but you will need to repeat this process anytime the version of AnyConnect changes), *or* toggle the radio button to "Allow all applications to access this item".

taken from Google Groups

View in context
16 replies

Cisco AnyConnect wants access to os x system keychain

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up