Server certificate not showing for VPN endpoint

Question

Hello, I’m in the process of creating a client VPN with mutual authentication. When I import my certificates, my client and server certificate pops up in the certificate manager. But when I go create a VPN endpoint my server certificate no longer shows up. I made sure it’s in the same region, I’ve followed the mutual authentication guide, and have tried from both cloudshell and command prompt. Still no luck. Any idea on why the server certificate isn’t popping up?

Answer

Hello.

Looking at this answer, it seems that you cannot select if the ACM domain is empty.  
https://repost.aws/questions/QUoTNWCpiJRt62bMup7YzhCA/client-vpn-endpoint-creation-not-detecting-client-certificate-in-acm#AN8FlDxzKKTHa0Yrw6g9KYIg

Try specifying the domain when creating the server certificate as shown below.  
```
./easyrsa build-server-full server.com nopass
```
I tried it with my AWS account, and it became possible to select it if there was a domain.  
![a](/media/postImages/original/IMH4r7ytPxRH-NUOz58l-02g)

![a](/media/postImages/original/IMf-XZ0igWSfyCEtX30BPi7Q)

Answer

Verify that your server certificate is of the correct type, active, and in the same region as your VPN endpoint, and check for any permissions issues.

Server certificate not showing for VPN endpoint

相关内容