• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN "Enforce key usage" configuration option.

Scheduled Pinned Locked Moved OpenVPN
2 Posts 1 Posters 592 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    Jimbo123
    last edited by Aug 29, 2022, 2:38 AM

    I noticed today that there's an "Enforce key usage" option in my OpenVPN client configuration options which says that it's to "Verify that the remote host uses a server certificate".

    It's toggled on by default and must have landed in the 2.6.0 release as I've never noticed it before and as far as I can find there's no documentation on it as of yet.

    I'm guessing that this adds the "remote-cert-tls server" command when toggled on client side. Can anyone confirm or correct me on this?

    Cheers.

    J 1 Reply Last reply Aug 30, 2022, 2:20 AM Reply Quote 0
    • J
      Jimbo123 @Jimbo123
      last edited by Jimbo123 Aug 30, 2022, 2:20 AM Aug 30, 2022, 2:20 AM

      @jimbo123 I've since found this Redmine that seems to confirm that the option adds
      "remote-cert-tls server" in the config for the client:

      https://redmine.pfsense.org/issues/11865

      This is the option that has been added to the "Cryptographic Settings" in OpenVPN client configuration options.

      Screenshot from 2022-08-30 03-13-20.png

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received