Use 3-party SSL cert with SoftEther VPN server?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
gkarasik
Posts: 6
Joined: Sun Jun 03, 2018 3:40 pm

Use 3-party SSL cert with SoftEther VPN server?

Post by gkarasik » Tue Jun 05, 2018 2:03 am

Hi,

I'm starting a new thread on this topic because I didn't correctly phrase my question in the previous thread.

I have a Server 2012 R2 server on which I would like to install and run SoftEther VPN server. I have a record set up at my ISP's DNS that points VPN.MyServer.Org to my server's static IP. I have a Comodo SSL cert named VPN.MyServer.Org installed on my server.

Can I set up SoftEther VPN server so that when people put VPN.MyServer.Org as the address in their VPN clients, it will connect to my SoftEther VPN server and authenticate via the already installed SSL cert VPN.MyServer.Org?

Or must I use the SoftEther address and the SoftEther cert?
GaryK

qupfer
Posts: 198
Joined: Wed Jul 10, 2013 2:07 pm

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by qupfer » Tue Jun 05, 2018 6:37 am

I don't get, what your real problem/question is.
You can import and use your comodo certficate via Cert Import function (see attached screenshot). But I think, this was also said in the last topic.
After that, your server authenticates itself by this imported certificate and your clients can be sure, that VPN.MyServer.Org is indeed VPN.MyServer.Org.
You do not have the required permissions to view the files attached to this post.

gkarasik
Posts: 6
Joined: Sun Jun 03, 2018 3:40 pm

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by gkarasik » Tue Jun 05, 2018 1:02 pm

I will try to clarify my question:

Currently the server does not host a website, and we connect to it using its static IP. We can also use VPN.MyServer.Org, which resolves to that static IP, and we have an SSL also named VPN.MyServer.Org.

When I install SoftEther VPN server, it asks me to create a cert and to select a dynamic name (Me.SoftEther.Org) that it wants me to use to connect to my SoftEther VPN server. I know now that I can use my own cert. Instead of the SoftEther dynamic address (Me.SoftEther.Org), can I use my own server address (VPN.MyServer.Org)?

In other words, if at my client I type in the address VPN.MyServer.Org, will it connect to the SoftEther VPN and authenticate to my own SSL cert?
GaryK

qupfer
Posts: 198
Joined: Wed Jul 10, 2013 2:07 pm

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by qupfer » Tue Jun 05, 2018 1:53 pm

Yes you can.

gkarasik
Posts: 6
Joined: Sun Jun 03, 2018 3:40 pm

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by gkarasik » Tue Jun 05, 2018 2:23 pm

Lovely. Thanks!
GaryK

gkarasik
Posts: 6
Joined: Sun Jun 03, 2018 3:40 pm

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by gkarasik » Tue Jun 05, 2018 11:41 pm

qupfer wrote:
> Yes you can.

The server will be behind a NAT firewall. Will I need to forward ports to the server?
GaryK

thisjun
Posts: 2103
Joined: Mon Feb 24, 2014 11:03 am

Re: Use 3-party SSL cert with SoftEther VPN server?

Post by thisjun » Thu Jun 21, 2018 5:54 am

In the default setting, the VPN client doesn't verify the server cert.
If you want to let the VPN client verify the server cert, you have to import the server cert or CA cert to the client and enable the verification.

Post Reply