So I'm building an SSTP VPN.
I get the following error when trying to connect to the VPN:
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
To generate the certificate I used selfssl.exe
from the IIS 6 toolkit, with the identical CN as the DNS name I'm connecting to.
This was done ON the VPN server. Then I went to the Personal Certificate store and exported that certificate to the desktop. I did not export the Private Keys.
In RRAS itself I configured the VPN to use this certificate, and did the same in NPS with PEAP to use that certificate.
Then on the client I made sure that the exported certificate is installed under the Trusted Root Certification Authorities
, on the Local Machine (not user!).
Now according to the internet (and the noumerous questions and answers I find on this site) this should be sufficiaent. However I still hit the error.
What could I do, or do you have additional pointers for me to get this issue resolved.