How to Create and Configure RRAS VPN Server on Azure VM Part 4 – Create & Install Self Sign Certificate

How to Create and Configure RRAS VPN Server on Azure VM

This is one of the critical parts; we need a custom self-sign certificate. The Server certificate should be inserted on the RRAS Server, and the client certificate should be installed on the client’s PC to authenticate the VPN connections.

How to create For Self Sign Certificate on Azure VM

To Create Self Sign certificate on the Azure VM, log in with the proper credit, install all the IIS6 Resource Kit on your server and follow the configurations below.

How to Install the Self Sign Certificate on Client PC

1. Download and Install the iis60rkt on your server to generate the SSL certificate for the VPN

How to Install the Self Sign Certificate on Client PC

2. Type cmd on the search bar

3. Right-click on the Command Prompt and select Run as administrator

How to Install the Self Sign Certificate on Client PC

4. On the CMD screen, locate the selfSSL folder as shown in the above image

How to Install the Self Sign Certificate on Client PC

5. Type selfssl.exe /N:cn=AzureVM08.southindia.cloudapp.azure.com /V:3650 and Confirm prompt with “y“, ignore metabase error

(3650 == 10 years, “AzureVM08.cloudapp.net” represents the fully-qualified domain name, FQDN)

How to Install the Self Sign Certificate on Client PC

6. Press Windows + R Key on your Keyboard and type certlm.msc to open the certificate store on your device

That’s it; you can successfully create one self signed certificate on your server. To export the self signed certificate, please follow the below step by steps instructions.

How to Export Self Sign Certificate For Client PC

We have created the server certificate successfully, and now we have to export it with a password which later needs to be installed on the client PC from which you are connecting the VPN to the RRAS Server.

How to Install the Self Sign Certificate on Client PC

1. Expend Personal; Select Certificate, and you can see your newly created Certificate.

2. Right-click on the Certificate and click on the All Tasks

3. Click on Export…

How to Install the Self Sign Certificate on Client PC

4. Click on Next

How to Install the Self Sign Certificate on Client PC

5. Click on Yes, export the private key

6. Click on Next

How to Install the Self Sign Certificate on Client PC

7. Click on Next

How to Install the Self Sign Certificate on Client PC

8. Tick on Password; type the password in two fields

9. Once Done, Click on Next

How to Install the Self Sign Certificate on Client PC

10. Select a place where you want the certificate to be downloaded

11. Once Done, Click on Next

How to Install the Self Sign Certificate on Client PC

12. Click on Finish

How to Install the Self Sign Certificate on Client PC

As you can see, the certificate will have been successfully exported to the selected folder on your device.

How to Install a Self Sign Certificate on Client PC for RRAS VPN

This is one of the essential parts; we need a custom self sign certificate. The Server certificate should be inserted on the RRAS Server, and the client certificate should be installed on the client’s PC to authenticate the VPN connections.

How to Install the Self Sign Certificate on Client PC

1. Copy the VPN certificate to the device where you install the VPN and double-click on it

2. Select Local Machine for the store location

3. Click on Next

How to Install the Self Sign Certificate on Client PC

4. Click on Next 

How to Install the Self Sign Certificate on Client PC

5. Type the password for the VPN certificate

6. Click on Next

How to Install the Self Sign Certificate on Client PC

7. Click on Place all certificates in the following store

8. Select Trusted Root Certification Authorities

9. Click OK

How to Install the Self Sign Certificate on Client PC

10. Click on Next

How to Install the Self Sign Certificate on Client PC

10. Click on Finish to complete the VPN certificate installation

That’s it; you have successfully installed the VPN certificate on your device.

Congratulations, you have successfully created the RRAS VM, configured the RRAS and NPS Service, and created and imported the self-signed certificate. Now the one and final part is to test the VPN on any Windows device. For that, please follow the below final tutorial for the detailed steps:

Mohammed Nihal

Was this Article Helpful?

Did I just helped you solve one of your problem? Support me by buying me a coffee. Thanks for your support

Leave a Reply