Strange situation, issued self-signed CLIENT cert on mikrotik and imported into Win7 does not work, because Win7 cannot verify its authenticity, but if I import the CA cert from the mikrotik which was used to sign the CLIENT certificate then Win7 can connect, but at the same time if I remove CLIENT certificate from Win7 and leave only CA cert - this is enough for Win7 to connect to SSTP server on mikrotik.
In SSTP server settings I have the CLIENT certificate selected, not CA.
Should I set a CA cert on mikrotik as "non trusted"?