MS-SSTP with SSL termination

Posted: Fri May 21, 2021 10:44 am
by oneb1t
Hello,
Is it possible to run SoftEther MS-SSTP under nginx SSL termination? (So basically disable SSL on SSTP.)

I want to have the following setup:
NGINX + LetsEncrypt cert -> SoftEther Docker MS-SSTP without TLS

I want to have it this way to have automatic certificate regeneration.

Is it somehow possible to achieve this?
Thanks

Re: MS-SSTP with SSL termination

Posted: Sun May 23, 2021 1:59 pm
by eddiewu
You can't do SSTP without TLS. You can do two separate TLS though.
In fact, to realize automatic certificate renewal you can use a certbot deploy hook + the SoftEther command line, without the need for nginx. But that would need good shell script knowledge.
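
The following is an added example, not written by any poster in this thread, of the certbot deploy hook plus SoftEther command line approach mentioned in the reply above. It assumes `vpncmd` is on `PATH`, the server's management port is `localhost:5555`, and the admin password is kept in a file named by the hypothetical `SE_PASS_FILE` variable; it refuses to load a certificate whose key does not match.

```shell
#!/bin/sh
# Added example: certbot deploy hook that loads a renewed certificate into
# SoftEther VPN Server with vpncmd's ServerCertSet command.
# Assumptions (not from the thread): vpncmd location, management address,
# and the password file path below. Override them through the environment.
VPNCMD="${VPNCMD:-vpncmd}"
SE_HOST="${SE_HOST:-localhost:5555}"
SE_PASS_FILE="${SE_PASS_FILE:-/etc/softether/admin.pass}"

# Succeed only if the private key ($2) belongs to the leaf certificate ($1).
# openssl x509 reads the first certificate in the file, i.e. the leaf.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Load the certificate and key from a certbot lineage directory ($1).
# fullchain.pem and privkey.pem are certbot's standard lineage file names.
deploy() {
    cert="$1/fullchain.pem"
    key="$1/privkey.pem"
    if ! cert_matches_key "$cert" "$key"; then
        echo "refusing to deploy: certificate and key in $1 do not match" >&2
        return 1
    fi
    pass=$(cat "$SE_PASS_FILE") || return 1
    # The password is passed as an argument and is visible in the process
    # list while vpncmd runs; keep the host single-tenant or locked down.
    "$VPNCMD" "$SE_HOST" /SERVER "/PASSWORD:$pass" \
        /CMD ServerCertSet "/LOADCERT:$cert" "/LOADKEY:$key"
}

# certbot exports RENEWED_LINEAGE to deploy hooks; do nothing when run by hand.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    deploy "$RENEWED_LINEAGE" || exit 1
fi
```

Such a script is registered with certbot's `--deploy-hook` option or dropped into `/etc/letsencrypt/renewal-hooks/deploy/`, and the password file should be readable by root only.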

Re: MS-SSTP with SSL termination

Posted: Mon May 24, 2021 11:55 am
by oneb1t
So that means I can use nginx with automatic LetsEncrypt (I already have that working for other things in our infrastructure) and then SoftEther with some invalid certificate? And then ignore that certificate somehow inside the nginx configuration? Will it work like that?

Re: MS-SSTP with SSL termination

Posted: Mon May 24, 2021 12:27 pm
by eddiewu
I don't know how to do it with nginx. Basically it needs to do MITM.