#2 - Create, Export and Upload P2S VPN Root Certificate

 

This post is Part #2 of the:

Windows Azure Monitoring over P2S VPN using System Center 2012 Operations Manager

Available here: https://blogs.technet.com/b/manageabilityguys/archive/2013/11/05/windows-azure-infrastructure-as-a-service-iaas-point-to-site-p2s-test-vpn-setup-virtual-machine-monitoring-over-p2s-vpn-by-using-system-center-2012-operations-manager.aspx

   

Please make sure you read previous post(s) beforehand.

   

Link to previous part:

#1 - Create and Configure: Windows Azure Virtual Network, Affinity Group and Point-to-Site (P2S) VPN

   

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

   

This post will guide you through the steps to create, export and upload the required P2S VPN Root Certificate to Windows Azure in order to enable the secure encryption of the VPN Tunnel.

   

For this I'll be using Visual Studio 2012 and its Native Tools Command Prompt.

   

We start by opening the VS2012 Native Tools Command Prompt.

   

   

   

   

To create the VPN Root Certificate we then run the following command line:

   

makecert -sky exchange -r -n "CN=P2S-Network-1-Root-Cert" -pe -a sha1 -len 2048 -ss My

   

Note: You can choose any name you like for the certificate. In this case I used P2S-Network-1-Root-Cert.

   

Then, to EXPORT the Root Cert, open the Certificates MMC snap-in.

   

   

Select My User Account:

   

   

You should be able to see the P2S-Network-1-Root-Cert.

   

   

Export it by following the steps below:

   

   

   

   

Save it in a secure place. Remember that this is the certificate to be used for the VPN Tunnel encryption.
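A scripted version of the export step, added here as an example and not part of the original post: it finds the certificate created by the makecert command above in the current user's Personal store, checks it against the makecert switches, and writes the public certificate to a .cer file. It assumes PowerShell with the PKI module (Export-Certificate) and that the file to upload is the public certificate only; the output path is a hypothetical choice.

```powershell
# Added example (not from the original post).
# Subject name comes from the makecert command above; the output path is hypothetical.
$subject = 'CN=P2S-Network-1-Root-Cert'
$outFile = Join-Path $env:USERPROFILE 'P2S-Network-1-Root-Cert.cer'

# makecert -ss My places the certificate in the current user's Personal store.
$found = @(Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.Subject -eq $subject })
if ($found.Count -ne 1) {
    # Zero means makecert did not run as this user; more than one means the
    # command was run several times and the wrong copy could be exported.
    throw "Expected exactly one certificate with subject '$subject', found $($found.Count)."
}
$cert = $found[0]

# Checks that mirror the makecert switches: -r (self-signed), -len 2048, -pe (key kept in store).
if ($cert.Issuer -ne $cert.Subject) {
    throw 'Certificate is not self-signed.'
}
if ($cert.PublicKey.Key.KeySize -ne 2048) {
    throw "Unexpected key size: $($cert.PublicKey.Key.KeySize)"
}
if (-not $cert.HasPrivateKey) {
    throw 'Private key is missing from the store.'
}

# Export-Certificate writes only the public certificate (DER-encoded .cer);
# the private key stays in the certificate store.
Export-Certificate -Cert $cert -FilePath $outFile -Type CERT | Out-Null

# Re-load the exported file and confirm it matches the store copy and carries no private key.
$exported = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $outFile
if ($exported.HasPrivateKey) {
    throw 'Exported file contains a private key.'
}
if ($exported.Thumbprint -ne $cert.Thumbprint) {
    throw 'Exported file does not match the certificate in the store.'
}

# Summary of what was exported.
[pscustomobject]@{
    File               = $outFile
    Subject            = $exported.Subject
    Thumbprint         = $exported.Thumbprint
    SignatureAlgorithm = $exported.SignatureAlgorithm.FriendlyName
    NotAfter           = $exported.NotAfter
}
```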

   

   

   

Then finally UPLOAD the ROOT CERT to Windows Azure.

To do this, log on to the Windows Azure Management Portal.

   

Select Networks > P2S-Network-1 > Upload a Root Certificate

   

   

   

   

Browse for the certificate file you saved earlier on:

   

   

And finish the upload.

   

   

On the Windows Azure Portal you should now see the uploaded certificate.

   

   

   

Next Part:

#3 - Create P2S VPN Gateway