VPN Server with Windows Server: Installation and Configuration


The SSTP tunnel is based on port 443 (HTTPS) which can be used in most WIFI connections.

Setting up the VPN SSTP requires configuring the certificate used for the connection. This must be installed in the personal store of the computer.

To work, the certificate authority must be known to the clients.

It is possible to use a self-signed certificate on the server, in which case the certificate must be installed on the clients in the Trusted Root Certification Authority store. If you are using a standalone or enterprise CA, you just need to deploy the authority certificate.

VPN Service Configuration – Routing and Remote Access

On the VPN server from the Routing and Remote Access console, open the server properties, on the Security tab 1 in the SSL certificate link section, choose the certificate 2 and validate by clicking Apply. 3 and OK 4 .

Select certificate

The changes require a restart of the service, confirm by clicking Yes 1 .

Restart service

Customer configuration

The login host name in the General tab must be a DNS name 1 present in the certificate.

Connection host name

As for the PPTP VPN tunnel, it is possible to force the type in the Security tab 1 by selecting SSTP 2 .

SSTP type


As for the PPTP tunnel, it is possible to force the SSTP tunnel into the network strategy.

Type de serveur VPN : SSTP / VPN server type: SSTP

Error: The revocation function could not verify the revocation because the revocation server was disconnected

If you are using a self-signed certificate or from a private CA that does not publish the revocation list on the Internet, you must add a registry key to the client to bypass this verification.

Open the registry editor and go to the location : HLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters and add the key (DWORD) NoCertRevocationCheck by assigning it the value 1.