Use a certificate and establish an AWS Client VPN connection on Windows

To use a certificate and establish a connection

1. Create a .pfx file that contains the client certificate and the private key.

2. Import the .pfx file to your personal certificate store, on your local computer. For more information, see How to: View certificates with the MMC snap-in on the Microsoft website.

3. Verify that your account has permissions to read the local computer certificate. You can use the Microsoft Management Console to modify the permissions. For more information, see Rights to see the local computer certificates store on the Microsoft Technet website.

4. Update the OpenVPN configuration file and specify the certificate by using either the certificate subject, or the certificate thumbprint.

   The following is an example of specifying the certificate by using a subject.

   cryptoapicert “SUBJ:Jane Doe”

   The following is an example of specifying the certificate by using a thumbprint. You can find the thumbprint by using the Microsoft Management Console. For more information, see How to: Retrieve the Thumbprint of a Certificate on the Microsoft Technet website.

   cryptoapicert “THUMB:a5 42 00 42 01"

5. After you complete the configuration, use OpenVPN to establish a VPN connection by doing one of the following:

   • Use the OpenVPN GUI client application

     1. Start the OpenVPN client application.

     2. On the Windows taskbar, choose Show/Hide icons. Right-click OpenVPN GUI, and then choose Import file.

     3. In the Open dialog box, select the configuration file that you received from your Client VPN administrator and choose Open.

     4. On the Windows taskbar, choose Show/Hide icons. Right-click OpenVPN GUI, and then choose Connect.

   • Use the OpenVPN GUI Connect Client

     1. Start the OpenVPN application, and choose Import, From local file.....

     2. Navigate to the configuration file that you received from your VPN administrator, and choose Open.