SoftEther VPN User Forum

Hi, I'm new to SoftEther, I set it up for SSTP server to connect my Android phone to home network.
I'm able to connect to SoftEther using an Android SSTP client. However, I got the following error message when I tried to connect to SoftEther using Windows native SSTP client :
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider

I think this error is caused by I don't have a SSL certificate for SoftEther SSTP server, but I don't know how to setup one.

Can someone please help please.

Thanks
Lee

Maybe run this in vpncmd:
ServerCertRegenerate CN
ServerCertRegenerate <YOUR DOMAIN>

And maybe: have you installed the certificate in Windows?
Have a look here: https://technet.microsoft.com/en-gb/lib ... 41378.aspx
And here maybe: https://jlnostr.de/en/blog/raspberry-pi ... tallieren/
And here: https://www.softether.org/4-docs/1-manu ... entication

Thanks for your post.

This is what I have accomplished so far. Configured softether server to use vpnazure, I can native windows sstp client and connect via vpnazure cloud. I can also connect using softether window's client, and connect with my android phone by using sstp vpn client by colucci-webit .

I'd really appreicate if you give me step by step procedures to setup both softether server and native windows sstp client so that they talk to each other ?

Thanks
Lee

Ok. What I think is, that Windows sees, that SoftEther has a self signed certificate. So Windows says: I don't trust you! I won't connect to you.
But I'll try to help you.
Ok. If you are on Linux run vpncmd.
Then connect to your vpnserver.
There run:
ServerCertGet ~/cert.cer
-> save server cert in ~/cert.cer
Next exit vpncmd with: exit
Next get into the root shell:
sudo -s
And change into the root home directory:
cd
Next change the rights:
chown <USERNAME>:<GROUPNAME> cert.cer
chmod 777 cert.cer
If your user is called max:
chown max:max cert.cer
chmod 777 cert.cer

And move it into your home directory:
mv cert.cer /home/<USERNAME>
Replace <USERNAME> with your Username.
Exemple max:
mv cert.cer /home/max
Next get the cert over FileZilla or an other way to your Windows PC.
And install it with the method described on the Microsoft page. I don't know if you use a Linux server. I do, so I think I can't help you with Windows...

Thanks for your instructions, but I'm running windows

Ok. Maybe it's the same. Ok:
In vpncmd run the same commands but save the cert on your HDD:
ServerCertGet C:\Users\<USERNAME>\downloads
And navigate to this path. Now I would recommend to use your client to connect to your Windows server via Homenetwork and get the Certificate. Now install it from the Microsoft Tutorial.