Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    "Strict User/CN Matching" is missing & "cryptoapicert" it does not work anymore

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfScool
      last edited by

      the update from the version "2.2.6-RELEASE (amd64)" to the version "2.4.4-RELEASE-p2 (amd64)" worked correctly.
      Many thanks for your great work!

      Unfortunately in the last version I miss the option "Strict User/CN Matching" in the OpenVPN Server configuration.

      The tests have shown that a login with the OpenVPN client works, even if the configuration parameter (cryptoapicert "SUBJ: myLogiUser")
      is removed in the client. User/CN matching is not checked by the server.

      Is this a mistake?
      What can I do to re-enable the "Strict User/CN Matching" option?

      Thanks for any help or ideas!

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by Rico

        No problem here with 2.4.4-RELEASE-p2
        0_1548789045702_openvpn_sucnmatch.png
        Share your Settings (Screenshots).
        Consider Strict User-CN Matching is only available in Remote Access (SSL/TLS + User Auth) Mode.

        -Rico

        1 Reply Last reply Reply Quote 0
        • P
          pfScool
          last edited by

          with me it is not displayed.
          0_1548790120282_Strict-User-CN-Matching.jpg

          1 Reply Last reply Reply Quote 0
          • RicoR
            Rico LAYER 8 Rebel Alliance
            last edited by

            Show your Settings from top.
            0_1548790507885_openvpn.png

            -Rico

            P 1 Reply Last reply Reply Quote 0
            • P
              pfScool @Rico
              last edited by

              @rico I'm trying a power off / on now.0_1548790965496_Strict-User-CN-Matching-2.jpg

              P 1 Reply Last reply Reply Quote 0
              • P
                pfScool @pfScool
                last edited by

                @rico: after the power off/on it was there. I've restarted it five times for testing (not off/on) and it's always there now. Thank you for your help. 👍

                1 Reply Last reply Reply Quote 0
                • RicoR
                  Rico LAYER 8 Rebel Alliance
                  last edited by

                  Glad you have it working now.

                  -Rico

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.