Point 2 Site VPN op basis van certificaat

https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site

https://www.youtube.com/watch?v=NUDgBsDGv30

scripts:

Create client certificate:

$params = @{

       Type = 'Custom'

       Subject = 'CN=vulnaamin'

       DnsName = 'vulnaamin'

       KeySpec = 'Signature'

       KeyExportPolicy = 'Exportable'

       KeyLength = 2048

       HashAlgorithm = 'sha256'

       NotAfter = (Get-Date).AddMonths(96)

       CertStoreLocation = 'Cert:\CurrentUser\My'

       Signer = $cert

       TextExtension = @(

        '2.5.29.37={text}1.3.6.1.5.5.7.3.2')

   }

   New-SelfSignedCertificate @params

Create Root certificate:

$params = @{

    Type = 'Custom'

    Subject = 'CN=vulnaamin'

    KeySpec = 'Signature'

    KeyExportPolicy = 'Exportable'

    KeyUsage = 'CertSign'

    KeyUsageProperty = 'Sign'

    KeyLength = 2048

    HashAlgorithm = 'sha256'

    NotAfter = (Get-Date).AddMonths(96)

    CertStoreLocation = 'Cert:\CurrentUser\My'

}

$cert = New-SelfSignedCertificate @params

Extra:

Achterhaal Thumbprint:

Get-ChildItem -Path "Cert:\CurrentUser\My"

Certificaat installeren op basis van thumbprint:

$cert = Get-ChildItem -Path "Cert:\CurrentUser\My\Thumbprint"