Windows 10 SSTP with self-signed certificates

I can’t seem to get the Windows 10 sstp client to connect to the (router) sstp server

I have tried numerous combinations when creating my self signed certificates (ca & server) but I have to admit that I’m a little stumped

CA : + Server : +

Windows 10 : +

Q1) When installing the certificate in Windows I usually select [Local Computer] certificate store rather than [current user]. Is it normal for Windows to also install a copy in the [current user] store ? If so what is the point of this duplicate certificate installation ?

Q2) When installing the certificate into the “Trusted Root Certificate Authorities” for [current user] I obtain the following warning : – why don’t I get this same warning when installing via [Local Computer] ?

Q3) What is the meaning of the yellow triangle with exclamation mark on both [Basic Constraints] and [Key Usage] ? +

Q4) Why doesn’t the SSTP client ( detect the presence of the previously installed (sstp server’s ca) certificate ?

Q5) I feel like my multiple certificate installation attempts may have ‘polluted’ my Windows’ certificate store. Is this possible ? If so is there a way to ‘clean up’ the certificate store (besides manually deleting unwanted certificates) ?

Q6) I believe that this used to work with Windows 10 before but, maybe because of the regular updates, things seem to have changed ?

regards yann