Install client certificates for P2S certificate authentication connections
Article
When a P2S VPN gateway is configured to require certificate authentication, each client computer must have a client certificate installed locally. This article helps you install a client certificate locally on a client computer. You can also use Intune to install certain VPN client profiles and certificates.
For information about generating certificates, see the Generate certificates section of the Point-to-site configuration article.
Windows
Once the client certificate is exported, locate and copy the .pfx file to the client computer.
On the client computer, double-click the .pfx file to install. Leave the Store Location as Current User, and then select Next.
On the File to import page, don't make any changes. Select Next.
On the Private key protection page, input the password for the certificate, or verify that the security principal is correct, then select Next.
On the Certificate Store page, leave the default location, and then select Next.
Select Finish. On the Security Warning for the certificate installation, select Yes. You can comfortably select 'Yes' for this security warning because you generated the certificate.
The certificate is now successfully imported.
macOS
Locate the .pfx certificate file and copy it to your Mac. You can get the certificate to the Mac in several ways. For example, you can email the certificate file.
Double-click the certificate. You'll either be asked to input the password and the certificate will automatically install, or the Add Certificates box will appear. On the Add Certificates box, click Add to begin the install.
Select login from the dropdown.
Enter the password that you created when the client certificate was exported. The password protects the private key of the certificate. Click OK.
Click Add to add the certificate.
To view the added certificate, open the Keychain Access application and navigate to the Certificates tab.
Linux
The Linux client certificate is installed on the client as part of the client configuration. There are a few different methods to install certificates. You can use strongSwan, or OpenVPN client steps.
Configure VPN clients
To continue configuration, go back to the VPN client instructions that you were working with. You can use this table to locate the link:
Network configuration and the use of Virtual Private Networks (VPNs) is integral to the success of collaborative working. In this module, we look at how to monitor and troubleshoot site-to-site and point-to-site VPNs. AZ720 AZ-720 az-720 networking
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.
Learn how to configure VPN clients for P2S configurations that use certificate authentication. This article applies to Windows and the Azure VPN client.
Learn how to configure VPN clients for P2S configurations that use certificate authentication. This article applies to Windows and the OpenVPN Client 2.x series - 2.4 and higher.