2 Answers
- Newest
- Most votes
- Most comments
0
Hi Arun,
This error usually indicates a problem during the initial negotiation between the VPN client and the VPN server.
- Ensure the certificate and the private key were imported correctly into ACM.
- Ensure that the certificate is still valid (not expired).
- Confirm that the wildcard certificate is appropriate for the domain you're connecting to.
- Recheck the CA chain. Even if it matches, there might be an order issue.
- Verify that the SAML-based authentication is set up correctly.
- Check if the SAML provider is accessible and correctly integrated with the Client VPN endpoint.
answered 7 months ago
0
Hello Victor,
thanks your reply and sorry for my late response. Confirm that the wildcard certificate is appropriate for the domain you're connecting to. Not sure how should I confirm this but it looks like a single certificate is not enough for this task.
we generated two self signed certificates (client and server) uploaded in ACM used the server certificate for SAML based VPN endpoint and it worked however we never wanted to use self signed certificate. May be there is no other way around.
answered 7 months ago
Relevant content
- Accepted Answerasked 6 months ago
- Accepted Answerasked 5 years ago
- asked 6 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago
- How do I get notified when the certificate associated to the Client VPN endpoint is about to expire?AWS OFFICIALUpdated 5 months ago
Any update?