#5 - Create and Export the P2S VPN Client Certificate

 

This post is Part #5 of the series:

Windows Azure Monitoring over P2S VPN using System Center 2012 Operations Manager

Available here: https://blogs.technet.com/b/manageabilityguys/archive/2013/11/05/windows-azure-infrastructure-as-a-service-iaas-point-to-site-p2s-test-vpn-setup-virtual-machine-monitoring-over-p2s-vpn-by-using-system-center-2012-operations-manager.aspx

   

Please make sure you read previous post(s) beforehand.

   

Link to previous part:

#4 - Create Virtual Machine in the P2S VPN Network Availability Group

 

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

   

Earlier in Part 2 we created the Root Certificate to enable the VPN Tunnel encryption.

Now we will create the Client Certificate that will be used on the VPN Client Machine connecting to the Windows Azure Virtual Network.

   

As before, I'll be using Visual Studio 2012 and its Native Tools Command Prompt.

   

We start by opening the VS2012 Native Tools Command Prompt.

   

   

   

   

To create the VPN Client Certificate we need to run the following command line:

   

makecert.exe -n "CN=Client-P2S-Network-1-VPN-Cert" -pe -sky exchange -m 96 -ss My -in "P2S-Network-1-Root-Cert" -is my -a sha1

   

The tool automatically places the certificate in your personal certificate store.

To use it on other machines you have to export it. Start by opening MMC.exe, then follow these steps:

   

Load the Certificates snap-in:

   

   

And then your User Account store:

   

   

Expand as shown so that you can see the created certificate:

   

   

To export the Client Certificate, select it:

   

   

Right-click it and select Export.

   

Select Yes, export the private key.

   

   

Leave the default options and click Next:

   

   

Set the password for the client certificate and make sure you take note of it in a secure place.

   

   

Save the exported certificate file to a secure place:

   

   

This finishes the process of creating the VPN Client Certificate, which must be imported on each machine connecting to the Windows Azure Virtual Network.
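
The MMC export steps above can also be scripted. The following PowerShell is an added example, not part of the original post: it assumes the Export-PfxCertificate cmdlet from the PKI module (Windows 8 / Server 2012 or later), and the output path is an assumed placeholder.

```powershell
# Added example: scripted form of the MMC export steps above.
# Subject and issuer names come from the makecert command on this page.
$Subject  = 'CN=Client-P2S-Network-1-VPN-Cert'
$IssuerCN = 'P2S-Network-1-Root-Cert'
$OutFile  = Join-Path $env:USERPROFILE 'Client-P2S-Network-1-VPN-Cert.pfx'  # assumed path

# makecert -ss My placed the certificate in the current user's Personal store.
$found = @(Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.Subject -eq $Subject })
if ($found.Count -ne 1) {
    # Running makecert more than once leaves several certificates with the same subject.
    throw "Expected exactly one certificate with subject '$Subject', found $($found.Count)."
}
$cert = $found[0]

# The export only works because makecert -pe marked the private key exportable;
# a PFX without the private key cannot authenticate the VPN client.
if (-not $cert.HasPrivateKey) { throw 'Certificate has no private key in this store.' }

# Confirm the certificate was issued by the root named in the -in option.
$nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
$actualIssuer = $cert.GetNameInfo($nameType, $true)
if ($actualIssuer -ne $IssuerCN) { throw "Unexpected issuer: $actualIssuer" }

if ($cert.NotAfter -le (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

# Prompt for the PFX password so it never appears in the script or command history.
$password = Read-Host 'Password for the exported PFX' -AsSecureString
Export-PfxCertificate -Cert $cert -FilePath $OutFile -Password $password | Out-Null

# Restrict the exported file to the current user: remove inherited
# permissions and grant a single explicit entry.
$acl = Get-Acl -Path $OutFile
$acl.SetAccessRuleProtection($true, $false)
$me   = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($me, 'FullControl', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $OutFile -AclObject $acl

"Exported certificate $($cert.Thumbprint) to $OutFile"
```

The checks stop the export if the wrong certificate would be picked, and the file permissions keep the private key readable only by the account that exported it.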

   

 

The certificate file will be used in the next Part:

#6 - Configure and connect the P2S VPN Client to the Windows Azure P2S VPN