Hello everyone,
I'm trying to set up an AWS Client VPN Endpoint in the us-east-2 (Ohio) region and I'm facing an issue where my server certificate isn't being detected.
I have successfully imported a server certificate into AWS Certificate Manager (ACM) in the same us-east-2 region. The certificate's status is "Issued" and its type is "Imported".
However, when I go to the VPC console to create a Client VPN Endpoint (also in us-east-2), the "Server certificate ARN" dropdown list is empty and shows "No certificates available."
Here is what I have already tried and verified:
- The ACM certificate and the Client VPN Endpoint are in the exact same AWS region (us-east-2).
- I have waited for several hours, so it is not a propagation delay.
- I have tried all standard browser troubleshooting: hard refresh (Ctrl+F5), logging out and back in, and using a different browser/incognito mode.
- I have inspected the certificate I generated (using openssl) and can confirm it correctly has the X509v3 Extended Key Usage: TLS Web Server Authentication attribute.
Despite all these checks, the certificate is still not visible to the Client VPN service. I do not have a paid support plan, so I'm hoping the community might have some ideas.
Has anyone encountered this specific issue? Are there any other non-obvious certificate requirements or IAM permissions I might be missing that would cause a valid, imported certificate to be unlisted?
Thank you for any suggestions!