kittoku
commented
1 month ago It's an expected behaviour for SSL socket to check if the server's certificate (or root/int CA) is enabled.
Open strelok00 opened 1 month ago
kittoku
commented
1 month ago It's an expected behaviour for SSL socket to check if the server's certificate (or root/int CA) is enabled.
sifaaa
commented
1 month ago @strelok00 CA added to the device? Of course, the open part of the key
strelok00
commented
1 month ago @strelok00 CA added to the device? Of course, the open part of the key
I would like to establish SSTP session from mobile like from Windows (without certificates on client side). For sure, I have installed CA certificate on Mikrotik side (SSTP server) and can use SSTP from Windows (without certificates).
sifaaa
commented
1 month ago @strelok00 I'm not talking about client certificates, on the devices from which the connection is made, you need to add the CA that is on the Mikrotik.
I use Google Translate
Hi, I'm trying to establish SSTP session via OPEN SSL client without clients certificates, using login/password. As SSTP server I use mikrotik (ROS 7.15.1) with installed LetsEncrypt certificate.
I have following settings in Open SSTP client:
Hostname Username Password
Verify Hostname - disabled Specify Trusted Cert - disabled SSL Version - default HTTP Proxy - disabled PPP Auth proto - PAP, MSCHAPv2 PPP Net proto IPv4 - enabled
After I try establish session I can see in logs following messages: CERT_PATH: ERR_VERIFICATION_FAILED Trust anchor for certification path not found.
So, why it searching certificate If I don't want use certificate on client side ?