SoftEther VPN User Forum

SoftEther VPN User Forum
https://forum.softether.org/

Use 3-party SSL cert with SoftEther VPN server?

https://forum.softether.org/viewtopic.php?f=7&t=60754

Page 1 of 1

Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 2:03 am
by gkarasik
Hi,

I'm starting a new thread on this topic because I didn't correctly phrase my question in the previous thread.

I have a Server 2012 R2 server on which I would like to install and run SoftEther VPN server. I have a record set up at my ISP's DNS that points VPN.MyServer.Org to my server's static IP. I have a Comodo SSL cert named VPN.MyServer.Org installed on my server.

Can I set up SoftEther VPN server so that when people put VPN.MyServer.Org as the address in their VPN clients, it will connect to my SoftEther VPN server and authenticate via the already installed SSL cert VPN.MyServer.Org?

Or must I use the SoftEther address and the SoftEther cert?

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 6:37 am
by qupfer
I don't get, what your real problem/question is.
You can import and use your comodo certficate via Cert Import function (see attached screenshot). But I think, this was also said in the last topic.
After that, your server authenticates itself by this imported certificate and your clients can be sure, that VPN.MyServer.Org is indeed VPN.MyServer.Org.

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 1:02 pm
by gkarasik
I will try to clarify my question:

Currently the server does not host a website, and we connect to it using its static IP. We can also use VPN.MyServer.Org, which resolves to that static IP, and we have an SSL also named VPN.MyServer.Org.

When I install SoftEther VPN server, it asks me to create a cert and to select a dynamic name (Me.SoftEther.Org) that it wants me to use to connect to my SoftEther VPN server. I know now that I can use my own cert. Instead of the SoftEther dynamic address (Me.SoftEther.Org), can I use my own server address (VPN.MyServer.Org)?

In other words, if at my client I type in the address VPN.MyServer.Org, will it connect to the SoftEther VPN and authenticate to my own SSL cert?

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 1:53 pm
by qupfer
Yes you can.

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 2:23 pm
by gkarasik
Lovely. Thanks!

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Tue Jun 05, 2018 11:41 pm
by gkarasik
qupfer wrote:
> Yes you can.

The server will be behind a NAT firewall. Will I need to forward ports to the server?

Re: Use 3-party SSL cert with SoftEther VPN server?

Posted: Thu Jun 21, 2018 5:54 am
by thisjun
In the default setting, the VPN client doesn't verify the server cert.
If you want to let the VPN client verify the server cert, you have to import the server cert or CA cert to the client and enable the verification.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/