Creating Certificate for Azure Point to Site

When using an Azure environment, it can be easier for users to reach file servers and drive mappings over a VPN connection. This blog outlines how to create and install the certificates once an Azure VNet and gateway have been established.

1. Sign in to the Domain Controller server
2. Open PowerShell as administrator
  1. Run the following command to generate a self-signed root certificate
  2. Leave the same PowerShell window open
  3. Run the following command to generate a client certificate

3. Export the root certificate public key

  1. Open certificate manager via the Start menu
  2. Locate the certificate (Current User\Personal\Certificates)
  3. Right click the root certificate -> All Tasks -> Export
  4. In the Wizard, select Next and use the following options
    1. No, do not export the private key -> Next
    2. Base-64 encoded X.509 (.CER) -> Next
    3. Specify a file path to save the certificate to
    4. Click Finish

4. Export the client certificate

  1. In certificate manager, right click the client cert -> All Tasks -> Export
  2. In the Wizard, select next and use the following options
    1. Yes, export the private key -> Next
    2. Personal Information Exchange - PKCS #12
      1. Select Include all certificates in the certification..
      2. Select Enable the certificate privacy
      3. Hit Next
    3. Enter a password for the certificate -> Next
    4. Choose a location to export the certificate (preferably the same place the root cert was saved to) -> Next
    5. Select Finish

5. Copy the exported client cert to any computer that needs it and double-click it to install
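
The whole procedure above as one PowerShell script. This is an added example, not the commands from the original post: the subject names `P2SRootCert` and `P2SChildCert`, the export folder and the file names are assumptions, and it assumes a Windows version whose `New-SelfSignedCertificate` supports `-Type Custom` (Windows 10 / Server 2016 or later).

```powershell
# Added example. Names, folder and file names are assumptions, not values from the post.
$outDir = "$env:USERPROFILE\Documents\P2SCerts"   # assumed export folder
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Self-signed root certificate, created in Current User\Personal.
# Its key usage is limited to signing other certificates.
$root = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject 'CN=P2SRootCert' -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation 'Cert:\CurrentUser\My' `
    -KeyUsageProperty Sign -KeyUsage CertSign

# Client certificate signed by the root. $root must still be in scope, which is
# why the same PowerShell window stays open between the two commands.
# 1.3.6.1.5.5.7.3.2 is the Client Authentication enhanced key usage.
$client = New-SelfSignedCertificate -Type Custom -DnsName 'P2SChildCert' `
    -KeySpec Signature -Subject 'CN=P2SChildCert' -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation 'Cert:\CurrentUser\My' `
    -Signer $root -TextExtension @('2.5.29.37={text}1.3.6.1.5.5.7.3.2')

# Root public key only, as Base-64 encoded X.509 (.CER).
# RawData is the DER-encoded certificate and contains no private key material.
$b64 = [Convert]::ToBase64String($root.RawData,
    [System.Base64FormattingOptions]::InsertLineBreaks)
$pem = "-----BEGIN CERTIFICATE-----`r`n$b64`r`n-----END CERTIFICATE-----"
Set-Content -Path "$outDir\P2SRootCert.cer" -Value $pem -Encoding Ascii

# Client certificate with its private key and chain as PKCS #12.
# The password is read interactively so it never appears in the script or history.
$pfxPassword = Read-Host -Prompt 'Password for the client PFX' -AsSecureString
Export-PfxCertificate -Cert $client -FilePath "$outDir\P2SChildCert.pfx" `
    -Password $pfxPassword -ChainOption BuildChain | Out-Null

# Check the result: the client must be issued by the root and hold a private key.
[pscustomobject]@{
    RootThumbprint = $root.Thumbprint
    ClientIssuer   = $client.Issuer
    ClientHasKey   = $client.HasPrivateKey
    ClientNotAfter = $client.NotAfter
}
```

Only the `.cer` and `.pfx` files leave the machine; the root certificate's private key stays in the Current User store where it was generated.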