Unique CN but allow duplicate username
-
Hi,
My goal is to let some users to have multiple client certificates and allow them to login in two or more devices with the same username. For instance, user1 can login to the server with two client certificates, laptop and mobile phone, and only one username.
I configured an OpenVPN server to log in with client certificate and remote login.
- Server mode = Remote Access (SSL/TLS + User Auth)
If I try to login with the same username and different certificates I get the next error:
MULTI: new connection by client 'user1' will cause previous active sessions by this client to be dropped. Remember to user the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
The server option duplicate-cn let me to login with the same username but also let me to duplicate the client certificate. I preffer to avoid the use of the same client certificate more than once.
I read some old post regarding this topic but couldnt find a solution since the code seems to be updated.
https://forum.netgate.com/topic/139892/unique-cn-common-username/2
Its possible to do it? I also have read the server options for OpenVPN but couldnt find anything.
Regards, Adrian.
-
Not sure if this is supported by the openvpn binary
you can check it on https://community.openvpn.net/openvpn/report/