openconnect works from cli, not from gui
I am always using the CLI to connect to my VPN, because from the GUI this never seemed to work. I can connect to the server, get an authentication prompt and I need to enter my OTP. Even when I tried before, it will show me an already active session I have to kill, so connection to the VPN endpoint is established. After completing everything, the connection is dropped. journalctl shows me:
(removed sensitive info)
jan 09 13:33:34 hhwlnx004 NetworkManager[2231]: <info> [1673267614.3258] vpn[0x55d2de280640,9ecabf0a-b9bf-4f85-8b99-56b181341ca9,"Pulse"]: starting openconnect
jan 09 13:33:34 hhwlnx004 NetworkManager[2231]: <info> [1673267614.3262] audit: op="connection-activate" uuid="9ecabf0a-b9bf-4f85-8b99-56b181341ca9" name="Pulse" pid=203334 uid=1000 result="success"
jan 09 13:34:29 hhwlnx004 NetworkManager[2231]: <info> [1673267669.2378] manager: (vpn0): new Tun device (/org/freedesktop/NetworkManager/Devices/15)
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Connected to x.x.x.x:443
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: SSL negotiation with host.domain.com
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Server certificate verify failed: signer not found
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Connected to HTTPS on host.domain.com with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA512)-(AES-128-GCM)
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Got HTTP response: HTTP/1.1 404 Not Found
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Unexpected 404 result from server
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Creating SSL connection failed
jan 09 13:34:29 hhwlnx004 NetworkManager[286347]: Unknown error; exiting.
jan 09 13:34:29 hhwlnx004 NetworkManager[2231]: <warn> [1673267669.3732] vpn[0x55d2de280640,9ecabf0a-b9bf-4f85-8b99-56b181341ca9,"Pulse"]: dbus: failure: connect-failed (1)
jan 09 13:34:29 hhwlnx004 NetworkManager[2231]: <warn> [1673267669.3733] vpn[0x55d2de280640,9ecabf0a-b9bf-4f85-8b99-56b181341ca9,"Pulse"]: dbus: failure: connect-failed (1)
I tried downloading the certificate as mentioned here: https://superuser.com/questions/1030642/openconnect-certificate-validation-with-networkmanager but I still get the same errors. Also, the certificate is signed by DigiCert, so this should already be available system-wide.
I read NetworkManager uses IP instead of hostname, hence why the certificate check fails.