Tuesday, August 09, 2011 11:26 AM
I seem to have a problem, and at this point, I just don't know what is wrong.
So the problem is that when connecting, I get this dreaded error 0x0800b0109: "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider."
So it seems the computer doesn't trust the CA of the VPN server. Fine. So I add the CA to the trusted root store, and it STILL doesn't work.
I have verified that the CA is indeed trusted now by (since the VPN server is also a web server) connecting to the server via https. No errors. No warnings. Works in both IE and Firefox, and I have no exceptions enabled in either browser.
There is only one anomaly I can think off... and that is that when I imported the certificate into the trusted root store, Windows told me it couldn't verify that the certificate came from the CA. Nevertheless, I downloaded it from https://XXX/certsrv, so it should be valid. I could get the full message if it would help.
Tuesday, August 09, 2011 11:55 AMYou must install root certificate to the computer store (not current user). Run blank MMC console, Ctrl+m and add Certificates snap-in. When prompted select Computer account. In the opened snap-in select Trusted Root CAs node, right-click, select All Tasks and Import. Import root CA certificate to the store.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference: on TechNet wiki
- Marked As Answer by Natsuki Tuesday, August 09, 2011 11:57 AM
Tuesday, August 09, 2011 11:58 AMSuch an easy solution! I love those!