Cisco VPN Client hangs at "Opening cert store"

I am unable to launch the Cisco VPN Client successfully. When the splash screen reaches the step labeled "Opening cert store", it simply hangs and goes unresponsive.

Picture of the "Opening cert store" step

In the event viewer (eventvwr.exe) I found a warning stating:

The application (Cisco AnyConnect VPN Client, from vendor Cisco) has the following problem: To function properly, Cisco AnyConnect VPN Client must be reinstalled after you upgrade Windows.

Nothing else seemed to be amiss. Any good ideas on how to debug this further or solve the issue?

Johny Skovdal

Posted 2013-06-13T10:44:43.987

Reputation: 1 155

Answers

I finally found out what was causing this. A single answer by Chad Roeder on the Cisco support forums had the right solution:

Open Microsoft Management Console (type mmc in Run or search).
Add Snap-in "Certificates" (File -> Add/Remove Snap-in... -> [find and add "Certificates] -> Choose "My User account" -> OK)
Go to the folder Personal/Certificates
Remove any unwanted certificates (for me it was certificates added by Fiddler to enable SSL traffic debugging)
Consider repeating step 2-4 but using "Computer Account" instead of "My User account".

I hope this helps making the solution more visible in online searches. :)

To mitigate this issue within Fiddler, either use the Fiddler CertMaker Extension (which does not add the certificates to your store in the first place) or use the QuickExec box below the Fiddler Web Sessions list to run the following command:

prefs set fiddler.CertMaker.CleanupServerCertsOnExit True

Johny Skovdal

Posted 2013-06-13T10:44:43.987

Reputation: 1 155

1Also, the Fiddler certs are added to the Current User store ("My current user" as you add the snap-in in mmc). I got confused because I couldn't find them in the "Computer account" store. – Dan Mangiarelli – 2014-11-19T18:35:37.900

1@DanMangiarelli: Thank you, updated the answer with the info. :) – Johny Skovdal – 2014-12-02T06:39:08.803

1Asked and answered in the same minute - that means you only made this to share this information. You've pretty much saved my life. – corsiKa – 2015-03-22T22:59:36.283

@EricLaw Awesome addition. Other people might have issues with other applications than Fiddler, so I'll leave it with both solutions here. Yours is surely helpful to make sure Fiddler stays useful for me. :) – Johny Skovdal – 2013-06-13T18:18:39.920

Add Cisco certificate to My User account Certificates, worked for me.

CN = Cisco Systems, Inc.
OU = Endpoint Security
OU = Digital ID Class 3 - Microsoft Software Validation v2
O = Cisco Systems, Inc.
L = Boxborough
S = Massachusetts
C = US

ismail tutumluer

Posted 2013-06-13T10:44:43.987

Reputation: 1

1Did that give you the same error of the dialog stalling at opening cert store beforehand? Sounds like a different problem to begin with? :) – Johny Skovdal – 2018-03-20T09:37:59.080