Hi,
I tried to set up a SSTP server on my RouteOS without certificate but SSTP connection from Windows 7 to MikroTik failed.
According to this link: http://wiki.mikrotik.com/wiki/Manual:Interface/SSTP :
While connecting to SSTP server, Windows does CRL (certificate revocation list) checking on server certificate which can introduce a significant delay to complete a connection or even prevent the user from accessing the SSTP server at all if Windows is unable to access CRL distribution point! Custom generated CA which does not include CRLs can be used to minimize connection delays and certificate costs (signed certificates with known CA usually are not for free), but this custom CA must be imported into each Windows client individually. It is possible to disable CRL check in Windows registry, but it is supported only by Windows Server 2008 and Windows 7.
And according to this link: http://support.microsoft.com/kb/947054 :
NoCertRevocationCheck
Registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sstpsvc\Parameters
Registry entry: NoCertRevocationCheck
Data type: REG_DWORD
You can use this registry entry to enable or to disable the SSL certificate revocation check that the VPN client performs during the SSL negotiation phase. Certificate revocation check will be performed if the value is set to 0. If the value is set to 1, certificate revocation check will be skipped. Notice that you should set this value to 1 only for debugging. Do not set this value to 1 in your production environment. By default, certificate revocation check is performed.
I did the above instructions to connect to my Mkrotik RouterOS via Windows 7 SSTP client without certificate but it fails.
I tested both on RouterOS v5.8 and v5.20
Any help, suggestion or solution?
Thanks.