Just tried to setup up sstp-server on my mikrotik rb750 running 5.0rc5. But i cant connect with windows 7 clients.
I use self signed certs done through easy-rsa. And those work with openvpn on the same rb750.
I just created new certs, because I saw that the old once where missing my FQDN under CN. So thats corrected now.
And has the flags “KR” on the RB.
The CA-cert has also been added to trusted root ca in windows.
The error message that i get on the sstp client in windows: …root cert is not trusted by trust provider…
And the log in my RB750 tells me:
echo: sstp,info fw-sstp: : waiting for call…
echo: sstp,info fw-sstp: : terminating… - broken http connection
echo: sstp,debug fw-sstp: : LCP lowerdown
echo: sstp,debug fw-sstp: : LCP down event in initial state
echo: sstp,info fw-sstp: : disconnected
I found 2 old forum posts about this, but without any solution.
The problem was that I imported the cert in the windows client under “trusted root CA” for “My User Account”.
When I in fact should have placed it under “trusted root CA” for “Computer account”.
On Windows 7 x64 SP1, I had to import the CA.crt into “Trusted Root Certification Authorities\Local Computer”. I found that by checking “Show physical stores.” I imported my client.crt into “Personal\Local Computer” discovered the same way.
