This is one of the critical parts; we need a custom self-sign certificate. The Server certificate should be inserted on the RRAS Server, and the client certificate should be installed on the client’s PC to authenticate the VPN connections.
How to create For Self Sign Certificate on Azure VM
To Create Self Sign certificate on the Azure VM, log in with the proper credit, install all the IIS6 Resource Kit on your server and follow the configurations below.
1. Download and Install the iis60rkt on your server to generate the SSL certificate for the VPN
2. Type cmd on the search bar
3. Right-click on the Command Prompt and select Run as administrator
4. On the CMD screen, locate the selfSSL folder as shown in the above image
5. Type selfssl.exe /N:cn=AzureVM08.southindia.cloudapp.azure.com /V:3650 and Confirm prompt with “y“, ignore metabase error
(3650 == 10 years, “AzureVM08.cloudapp.net” represents the fully-qualified domain name, FQDN)
6. Press Windows + R Key on your Keyboard and type certlm.msc to open the certificate store on your device
That’s it; you can successfully create one self signed certificate on your server. To export the self signed certificate, please follow the below step by steps instructions.
How to Export Self Sign Certificate For Client PC
We have created the server certificate successfully, and now we have to export it with a password which later needs to be installed on the client PC from which you are connecting the VPN to the RRAS Server.
1. Expend Personal; Select Certificate, and you can see your newly created Certificate.
2. Right-click on the Certificate and click on the All Tasks
3. Click on Export…
4. Click on Next
5. Click on Yes, export the private key
6. Click on Next
7. Click on Next
8. Tick on Password; type the password in two fields
9. Once Done, Click on Next
10. Select a place where you want the certificate to be downloaded
11. Once Done, Click on Next
12. Click on Finish
As you can see, the certificate will have been successfully exported to the selected folder on your device.
How to Install a Self Sign Certificate on Client PC for RRAS VPN
This is one of the essential parts; we need a custom self sign certificate. The Server certificate should be inserted on the RRAS Server, and the client certificate should be installed on the client’s PC to authenticate the VPN connections.
1. Copy the VPN certificate to the device where you install the VPN and double-click on it
2. Select Local Machine for the store location
3. Click on Next
4. Click on Next
5. Type the password for the VPN certificate
6. Click on Next
7. Click on Place all certificates in the following store
8. Select Trusted Root Certification Authorities
9. Click OK
10. Click on Next
10. Click on Finish to complete the VPN certificate installation
That’s it; you have successfully installed the VPN certificate on your device.
Congratulations, you have successfully created the RRAS VM, configured the RRAS and NPS Service, and created and imported the self-signed certificate. Now the one and final part is to test the VPN on any Windows device. For that, please follow the below final tutorial for the detailed steps:
Was this Article Helpful?
Did I just helped you solve one of your problem? Support me by buying me a coffee. Thanks for your support