Routing and Remote Access Server

RAS server

Certificate renewal

When renewing the certificate for the VPN connection on the RAS server you will need to update the registry keys for the SSTP service for the new certificate. use the following commands

1
2
3
4

$Thumbprint = 
$Cert = Get-ChildItem -Path Cert:\LocalMachine\My\$thumbprint
Set-RemoteAccess -SslCertificate $Cert
Restart-Service RemoteAccess -Passthru

the Reg keys are located here:

HKLM:\SYSTEM\CurrentControlSet\Services\SstpSvc\parameters\SHA256CertificateHash

HKLM:\SYSTEM\CurrentControlSet\Services\SstpSvc\parameters\SHA1CertificateHash