4. OpenVPN Client Export and verify-x509-name vs tls-remote

OpenVPN Client Export and verify-x509-name vs tls-remote

  • Rebel Alliance Developer Netgate

    I updated the OpenVPN Client Export package (now 1.2.1) and changed how the server CN verification works. It should be fairly automatic and self-explanatory but here's a bit of info:

    • At the default, it will use verify-x509-name and quote the server CN, since I couldn't find any OpenVPN 2.3 client that rejected the quoted server CN.
    • You can force it to use tls-remote, with or without quoting the server CN since some clients break with/without that.
    • You can now also choose to disable server CN verification

    I hope that clears up any of the recent mess.

    0
  • Rebel Alliance Developer Netgate

    Missed a file in the last commit, it's 1.2.2 now, should be OK to try.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy