Jump to content
Forum²

Recommended Posts

Posted

Hello,

 

I've just set up a server to act as a VPN server and I'm trying to use the SSTP VPN as the connection point. However, everytime I try to connect I get "error 800b0109 A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.". I followed the setup/install guide by Thomas Shinder (windowssecurity.com) and Microsofts own instructions! So, I create my first VPN connection as PPTP (this works), I then got the certificate (http://{internal ip address}/certsrv/) and install it into "Trusted root certificates". I then change my VPN Connector (on windows 7) to SSTP and try to connect. Then I get the error! Can anyone help? TIA

Posted
Never tried with SSTP, anyway, are you sure the problem is not with the client? Maybe you must trust the certificates from the client...

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted
I don't think so! As far as I can tell the certificate is made up of two parts: the root certificate (from Enterprise CA) looking something like 'domain netbios name-Server Name-CA' and the domain certificate (generated through IIS) that looks something like 'servername.domain.com'. I'm going to try manually adding both certificates to the client to see if that helps (shouldn't need to as they are chained together)!
Posted
Hi ICTCity, thanks for the link it actually made some sense. However, a minor problem in that it pulls up another error which is "80072afc The requested name is valid, but no data of the requested type was found.". I'm off to have a roam and see if I can find out what this means! If you like, when I've finally got this working I'll write it up and send you a copy.
Posted

Yes, this is interesting, I never seen 80072afc error!

 

Thanks.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

  • 5 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...