Direct Restore to Microsoft Azure | VeeamPN software-defined networking
Post Reply
mcz
Expert
Posts: 297
Liked: 53 times
Joined: Jul 19, 2016 8:39 am
Full Name: Michael
Contact:

veeamPN on azure - certificate invalid

Post by mcz » Mar 04, 2019 2:31 pm

Last week I created a VM on azure for the veeamPN hub. I used the official template on the marketplace, installation was nice and easy. I then tried to access the machine via https with the public ip which worked but of course I got the warning about the invalid certificate.

AFAIK, there is no option to provide a e.g. self-signed certificate or a certificate from a offical CA before the vm gets deployed. I mean in the current configuration your data will still be encrypted but you are not safe from MITM-attacks. Since I've got no control of what's going on between azure and our infrastructure (=internet) I can not be sure that nobody is manipulating or sniffing on the stream. I know it sounds a little bit paranoid but I always do care about security.

How can I compare the thumbprint of the provided and "real" certificate to make sure that the connection is compliant?

Thanks!

AVasilyev
Veeam Software
Posts: 60
Liked: 14 times
Joined: Jan 01, 2006 1:01 am
Contact:

Re: veeamPN on azure - certificate invalid

Post by AVasilyev » Mar 08, 2019 4:01 am

Micheal,

Thank you for your suggestion! You are correct - VeeamPN is generating the self-signed certificate during the installation, that's why you see that awful notification in your browser.
We will consider adding an option to specify a user-provided certificate.

For now I would suggest you to follow this very simple and effective procedure to automatically obtain and install free SSL certificate from LetsEncrypt organization: https://certbot.eff.org/lets-encrypt/ub ... ial-apache. I just tested it on my VeeamPN hub in Azure - it worked like a charm!

One hint to the procedure - I would recommend to skip one of the last step in the interactive procedure - please don't add "forwarding of all traffic to https" since it is already implemented in our installation.

Thank you,
Alexey

mcz
Expert
Posts: 297
Liked: 53 times
Joined: Jul 19, 2016 8:39 am
Full Name: Michael
Contact:

Re: veeamPN on azure - certificate invalid

Post by mcz » Mar 11, 2019 2:45 pm

Hey Alexey,

thank you very much for this very useful procedure. As you said it works like a charm.

Thanks you!

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests