So I'm building an SSTP VPN.

I get the following error when trying to connect to the VPN:

A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

To generate the certificate I used selfssl.exe from the IIS 6 toolkit, with the identical CN as the DNS name I'm connecting to.

This was done ON the VPN server. Then I went to the Personal Certificate store and exported that certificate to the desktop. I did not export the Private Keys.

In RRAS itself I configured the VPN to use this certificate, and did the same in NPS with PEAP to use that certificate.

Then on the client I made sure that the exported certificate is installed under the Trusted Root Certification Authorities, on the Local Machine (not user!).

Now according to the internet (and the numerous questions and answers I find on this site) this should be sufficient. However, I still hit the error.

What could I do, or do you have additional pointers for me to get this issue resolved?

Anemoia

1 Answer

Okay, this is embarrassing.

The certificate offered on port 443 was indeed not matching, because somebody (i.e. the network admin) mapped port 443 to 3389, which gave the certificate for remote desktop, not the one I configured on SSTP.

Found that out with a certificate checker.

Anemoia
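The check that exposed the problem in the answer above can be reproduced with a short script that fetches whatever certificate the listener on port 443 presents and compares it with the certificate exported from the VPN server. This is an added example, not part of the original post; the host name and file name in the usage comment are placeholders.

```python
import hashlib
import socket
import ssl
import sys


def to_der(data: bytes) -> bytes:
    """Accept a .cer export in either DER or Base-64 (PEM) form and return DER bytes."""
    if b"-----BEGIN CERTIFICATE-----" in data:
        return ssl.PEM_cert_to_DER_cert(data.decode("ascii").strip())
    return data


def thumbprints(der: bytes) -> dict:
    """SHA-1 matches the 'Thumbprint' field in the Windows certificate dialog."""
    return {"sha1": hashlib.sha1(der).hexdigest(),
            "sha256": hashlib.sha256(der).hexdigest()}


def presented_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Return the leaf certificate that the listener on host:port actually presents."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE   # inspection only; the bytes are compared below
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def compare(exported: bytes, presented: bytes) -> dict:
    """Compare the certificate exported from the VPN server with the one on the wire."""
    want, got = thumbprints(to_der(exported)), thumbprints(presented)
    return {"match": want["sha256"] == got["sha256"], "expected": want, "presented": got}


if __name__ == "__main__":
    # Usage (placeholders): python check_cert.py vpn.example.com exported.cer
    host, cer_path = sys.argv[1], sys.argv[2]
    with open(cer_path, "rb") as fh:
        result = compare(fh.read(), presented_der(host))
    print("expected :", result["expected"]["sha1"])
    print("presented:", result["presented"]["sha1"])
    print("MATCH" if result["match"] else "MISMATCH: the port is not serving the exported certificate")
```

A mismatch means the trust store on the client is not the problem: the endpoint reached on that port is serving a different certificate than the one configured for SSTP.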