The Certificate’s CN Name Does Not Match The Passed Value.

The Certificate’s CN Name Does Not Match The Passed Value.

You can get this error, The Certificate’s CN Name Does Not Match The Passed Value while setting up the connection with the SSTP VPN configured in any environment. I faced this issue with my VPN server configured on an Azure server using Microsoft Windows 2012 R2 Server. Microsoft Azure assign a DNS name to all the classic virtual machines. I tried to use that name to connect to my VPN server and during the connection I got this error. The solution of this problem is real simple which is to use the Common name which is given in the SSL certificate configured in IIS for the default website because the SSTP VPN server configuration is configured with the default SSL certificate under Routing and Remote Access Server. You can change the SSL certificate from under given location of your RRAS server:

RRAS SSL certificate settingsThe SSL certificate Common Name (CN) must be the one which are using to connect to the VPN server using the windows VPN client. Microsoft Azure provide a facility to assign a DNS name to your server. in case you are not using that name for your SSL certificate, you will get this error. I was using the Microsoft DNS name for the VPN server so that’s why I was getting this error. You can check the CN given in the SSL certificate and use that name to connect to your VPN. Using SSTP VPN is secure and easy because it use only 443 TCP port which is most of times opened in the firewall for SSL communications. Other VPN types like PPTP and L2TP require more settings in firewall which sometimes become difficult for a normal user to fix. Its much better and easier to use and configure SSTP VPN on Microsoft Windows 2012 R2 server under Azure environment