Community discussions

MikroTik App
just joined
Topic Author
Posts: 21
Joined: Tue Dec 06, 2016 5:10 pm

SSTP Cert key usage

Fri Oct 16, 2020 12:50 am

I setup sstp some time ago and I love it but I'm setting up my old ac2 for some road warrior stuff but apparently I'm doing something wrong with the client key. SSTP client gives a "no key for certificate found (6)" but I've tried all kinds of key usage options and it still gives that error. It's the identical cert as what's on my sstp server so I'm not sure what the issue is. I want to verify the certs on both sides so I gotta figure out how to fix it.

Also, my CA and client certs are managed on my rb4011, exported and them imported on my ac2. No I don't want to go the openssl or certbot route.

Is there anyhting I should check or extra steps I have to do to export the client cert from rb4011 and import the cert on my ac2? I've imported the rb4011 CA also.

SSTP Server cert -
using this cert as the cert for SSTP client on the ac2 that's throwing the error.
Forum Guru
Forum Guru
Posts: 6076
Joined: Mon Apr 20, 2009 9:11 pm

Re: SSTP Cert key usage

Fri Oct 16, 2020 2:48 am

For client, you probably want certificate with key usage "tls client". And not just certificate, but also its private key.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], sdegler and 96 guests