|
|
Hi I use the tls-remote directive on my clients. The man pages say *--tls-remote name* Accept connections only from a host with X509 name or common name equal to *name now here is the subbject line of the server certificate Subject: C=CH, L=Schlieren, O=Ruf Telematik, CN=openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx and this is the client.conf entry tls-remote openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx here is the logged error Tue Apr 05 14:44:37 2005 VERIFY OK: depth=1, /C=CH/L=Schlieren/O=Ruf_Telematik/OU=ASP/CN=AspCA/emailAddress=ca@xxxxxxxxxx Tue Apr 05 14:44:37 2005 VERIFY X509NAME ERROR: /C=CH/L=Schlieren/O=Ruf_Telematik/CN=openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx, must be openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx It appears as if the CN is not recognized, it tries to use the complete subject for a comparison BTW, this is Windoze GUI latest vs. OpenVPN 2.0rc18 cheers Erich * ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00053.html on line 202 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00053.html on line 202 |