What options are there for managing Azure VPN Client Certificates?

Jeremy 136 Reputation points
2022-04-08T14:18:29.19+00:00

I am planning to use Azure's Point-to-Site (P2S) solution for remotely connecting users to our Azure network via OpenVPN.

As I have users logging in from both Windows and Linux, it seems that I will need to use Client Credential style authentication.

The documentation shows how to make a client certificate using powershell or linux commands. (I've linked the powershell, as the linux commands didn't work for me)

My question is: What options are out there for managing (creating and storing) the client certificates that I need to generate for all my users?

I thought the Azure Key Vault might be useful but it only really deals with SSL certs. I don't think managing this list in a Spreadsheet is a very secure solution.

Ideally the solution would:

  • Be free/open source
  • Be part of Azure's tools (or if not, maybe be something lightweight like an ubuntu server app)
  • Simplify the generation of the client certs.
  • Allow me to name and view all past created certificates under a given root certificate
Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,422 questions
{count} votes