one of the customers my company has, wants to improve the security of the VPN connections and to do that, they want to use client based certificate authentication while using SSTP as tunnel-protocol.
First question: is this possible and what server roles beside AD and CA for a private PKI are needed?
Second question: Has someone a good tutorial for this, as I didn't find anything with client certificates on the Internet and I am quite a noob with the TMG?
Thank you for the post.
SSTP VPN only need trust root CA on client computer, On the server side, a machine certificate is required in order for SSTP based connection. On the client side, a certificate is required inside the trusted root
CA machine store. To create sstp vpn, please refer to this link:
Nick Gu - MSFT
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.
Would you like to participate?