By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Server certificate not showing for VPN endpoint

0

Hello, I’m in the process of creating a client VPN with mutual authentication. When I import my certificates, my client and server certificate pops up in the certificate manager. But when I go create a VPN endpoint my server certificate no longer shows up. I made sure it’s in the same region, I’ve followed the mutual authentication guide, and have tried from both cloudshell and command prompt. Still no luck. Any idea on why the server certificate isn’t popping up?

Topics
Networking & Content DeliverySecurity, Identity, & Compliance
Tags
Amazon VPCSecurity, Identity, & ComplianceNetworking & Content DeliveryAWS Virtual Private Network (VPN)AWS Client VPN
Language
English
Michael Smith
asked a month ago293 views
2 Answers
3

Hello.

Looking at this answer, it seems that you cannot select if the ACM domain is empty.
https://repost.aws/questions/QUoTNWCpiJRt62bMup7YzhCA/client-vpn-endpoint-creation-not-detecting-client-certificate-in-acm#AN8FlDxzKKTHa0Yrw6g9KYIg

Try specifying the domain when creating the server certificate as shown below.

./easyrsa build-server-full server.com nopass

I tried it with my AWS account, and it became possible to select it if there was a domain.
a

a

profile picture
EXPERT
Riku_Kobayashi
answered a month ago
profile picture
EXPERT
Gary Mclean
reviewed a month ago
1

Verify that your server certificate is of the correct type, active, and in the same region as your VPN endpoint, and check for any permissions issues.

profile picture
EXPERT
Osvaldo Marte
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content