Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: CantSalomeDown
CantSalomeDown Author
User level: Level 1
1 points

Cisco AnyConnect wants access to os x system keychain

Yosemite 10.10.3 & Cisco AnyConnect Secure Mobility Client version 3.1.07021

OS X wants to make changes. Type an administrator's name and password to allow this. OS X wants to use the "System" keychain.

User uploaded file

If I enter credentials and press allow, the prompt comes back at least two more times before a connection is made, if I click deny the prompt repeats but eventually goes away and allows a connection without authenticating for the "System" keychain. While I can easily work around this by clicking deny, I would prefer to resolve this for the end users.


The same occurs under the guest account.

I have uninstalled and reinstalled several times, and tried the different versions of AnyConnect that are currently available for me to use here.

I had changed the permissions on the /Library/Keychains/System.keychain and that did not resolve

I had modified the permissions on private keys in the system keychain and that did not resolve


I started from scratch with a fresh 10.10.3 build, and the issue persists.

Posted on Apr 14, 2015 12:43 PM

Reply
Question marked as Top-ranking reply
User profile for user: feidakila
feidakila
User level: Level 1
14 points

Posted on Dec 1, 2017 12:04 AM

This solved my issue:


• Launch /Applications/Utilities/Keychain Access

• Select "System" from the Keychains menu in the upper left

• Select "Certificates" from the Category menu in the lower left

• Find the entry that corelates to your computer's name in the list on the right, and click on the disclosure triangle.

• Secondary click on the "Private Key" entry that appears and select "Get Info" from the contextual menu that appears.

• Select the Access Control tab.

• You can then *either* add AnyConnect to the the list at the bottom of the screen (more secure, but you will need to repeat this process anytime the version of AnyConnect changes), *or* toggle the radio button to "Allow all applications to access this item".

taken from Google Groups

View in context
16 replies

Cisco AnyConnect wants access to os x system keychain

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up