Previously my openconnect server deployment plan utilizes PAM authentication (via Kerberos/Active Directory) as the primary authentication method. It works but it’s complicated (password every time). I just enabled certificate authentication today and it worked fine. Things to note Enable certificate authentication as an alternative authentication method (up to you, but some guys in our domain… Continue reading Openconnect and Active Directory Certificate Service