Wondering if anyone has had luck configuring an SSTP / IIS server with Cloudflare SSL and a proxy’d A record.

We have the Trusted Root CA cert imported and set up the Origin cert in IIS for the SSTP site, but are getting some funny responses when we try to connect. If we disable the A record proxy, the SSTP server throws a fit about untrusted certs.

Not sure where we’re going wrong, or if what we want is even feasible. I don’t want to give up on this, but I’m pulling my hair out and about ready to just buy a cert from GD or the like.

Are you trying to proxy SSTP via Cloudflare over port 443?
I can’t imagine that it is going to work well even if you got it to work. Cloudflare was designed for HTTP(S), and while you can do other ports with Spectrum, the core of the ports are HTTP/HTTPS.

The entire SSTP protocol takes place over 443. It’s basically Windows SSL VPN.

Ideally it wouldn’t be proxy’d, but it was my understanding that you had to proxy in order to use Cloudflare SSL, as the client certs can’t be used in IIS.

So, unless I’m missing something, it sounds like we probably need to just grab a normal SSL cert from a non-Cloudflare provider.

Just because it’s Port 443, it doesn’t mean Cloudflare can proxy non-HTTPS traffic over it.

