-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Confusing and inconsistent documentation and steps. #1425
Comments
BTW, regardless of the above I was eventually able to get my certificates how and where I need them. A note on the non-domain joined RRAS server, you also need to first put the CA cert in the local computer Trusted Root Certification Authorities and Intermediate Certification Authorities stores before you can successfully run the certreq -accept command. |
hi buzzywinter, I am part-way through configuring Always on VPN and am unsure how to resolve this problem. I receive an error when I try to run the command "certreq -attrib “CertificateTemplate:[Customer]VPNGateway” -submit VPNgateway.req VPNgateway.cer" Any ideas what steps are missing? I also have a RRAS server that's not joined to the domain that I'm trying to configure. |
Hi shane-hca, My first question is did is your Certificate template actually named "[Customer]VPNGateway"? If not use the name of the template you created down lower in this page. Because I ran into so many issues getting the certreq... commnad to work properly (always erred) I ended up completely forgoing this documentation here and setting up my certificate template such that I could use the certificates mmc (as the system on a domain joined server) to request the certificate, filling in the appropriate information in the wizard to obtain the certificate (make sure to mark the private key as exportable). Then I would export it from the domain joined system and import into the RRAS server marking the private key as non-exportable. Then I would remove my certificate template so it could not be used. (I know this reply is assuming a certain amount of knowledge of Microsoft Certificate Authority.) |
@MihaiSP, can you take a look at this issue? |
I'm sure you are by now past this issue, but I spun in circles around this for a couple of hours. If you are hitting the same wall, future Googlers, PRIOR to processing the certificate request with your CA, you must jump ahead in the instructions to "Create the VPN Server Authentication template". The name you give to THIS template you will replace "[Customer]VPNGateway" with. The instructions could be much more clear here. Once you get a certificate generated, you might as well also run this command: |
Fully 3 years after this issue was first raised, the documentation is still a complete dogs dinner. Whoever "owns" this page should be ashamed of themself. |
#label:"doc-bug" |
#please-close |
Hi, this page has many issues and is confusing.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: