DALLASCAO.COM

Site of Cao Shouguang, English to Chinese translator

Using .p12 to connect to a VPN using Cisco AnyConnect client on Linux

A .p12 file is a certificate package that contains both the certificate and the private key. You need both to connect to a VPN using the Cisco AnyConnect client.

1. Extract the public certificate and the private key from your .p12 file.

Suppose the .p12 file is “guest.p12”. Open Terminal and run:

openssl pkcs12 -in guest.p12 -out guest.crt -clcerts -nokeys

to extract the public certificate.

And then run:

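openssl pkcs12 -in guest.p12 -out guest.key -nodes -nocerts

to extract the private key. The -nodes option writes the key to guest.key unencrypted, so keep that file readable only by your own user.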

2. Copy the extracted .crt and .key files to the special folders that the Cisco AnyConnect client recognizes.

Suppose your Linux username is “dallas”:

You first need to create the following folders on your computer:

/home/dallas/.cisco/certificates/client
/home/dallas/.cisco/certificates/client/private

And then copy the .crt and .key files to these folders:

cp ./guest.crt /home/dallas/.cisco/certificates/client
cp ./guest.key /home/dallas/.cisco/certificates/client/private

You should now be able to connect to your VPN using the Cisco AnyConnect client.
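
The two steps above as a single shell function, given here as an added example that is not part of the original post: it extracts the certificate and key straight into the AnyConnect folders with owner-only permissions and checks that the two belong together. The function name install_p12 and the optional P12_PASS environment variable are names chosen for this example; openssl is assumed to be on the PATH.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: openssl is on PATH; P12_PASS (a name chosen here) may hold the
# .p12 import password, otherwise openssl prompts for it as in the steps above.

# Usage: install_p12 <file.p12> [home-dir]   (home-dir defaults to $HOME)
install_p12() {
    p12=$1
    dest=${2:-$HOME}/.cisco/certificates/client
    name=$(basename "$p12" .p12)
    crt=$dest/$name.crt
    key=$dest/private/$name.key
    (
        umask 077   # everything created below is accessible to the owner only
        if [ -n "${P12_PASS+set}" ]; then
            set -- -passin env:P12_PASS
        else
            set --
        fi
        mkdir -p "$dest/private" || exit 1
        # -clcerts -nokeys: client certificate only, no CA certs, no key.
        openssl pkcs12 -in "$p12" "$@" -clcerts -nokeys -out "$crt" || exit 1
        # -nocerts -nodes: private key only, written unencrypted.
        openssl pkcs12 -in "$p12" "$@" -nocerts -nodes -out "$key" || exit 1
    ) || return 1
    # Tighten modes even if the paths already existed with wider permissions.
    chmod 700 "$dest/private" || return 1
    chmod 600 "$key" || return 1
    # The public key in the certificate must equal the one derived from the key.
    cert_pub=$(openssl x509 -in "$crt" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$key" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# Run directly:  sh install_p12.sh guest.p12
if [ "$#" -ge 1 ]; then install_p12 "$@"; fi
```

A non-zero exit status means either an extraction step failed or the certificate and private key do not match.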
