|
|
On Wed, 6 Apr 2005, Nik wrote: > Erich Titl schrieb: > > > here is more info > > > > if I enter the complete subject line in the config file > > > > tls-remote "/C=CH/L=Schlieren/O=Ruf > > Telematik/CN=openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx" > > > > the following error occurs > > > > Tue Apr 05 15:27:51 2005 VERIFY OK: depth=1, > > /C=CH/L=Schlieren/O=Ruf_Telematik/OU=ASP/CN=AspCA/emailAddress=ca@xxxxxxxxxx > > Tue Apr 05 15:27:51 2005 VERIFY X509NAME ERROR: > > /C=CH/L=Schlieren/O=Ruf_Telematik/CN=openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx, > > must be /C=CH/L=Schlieren/O=Ruf > > Telematik/CN=openvpn@xxxxxxxxxxxxxxx/emailAddress=openvpn@xxxxxxxxxxxxxxx > > I came across this as well. Something (openvpn, openssl, etc) changes > spaces in the X509 name into underscores for the purposes of this > comparison. To prevent scripting attacks, OpenVPN does string remapping on all strings which can potentially be saved in the environment or passed to scripts: http://openvpn.net/man.html#lbAR James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00064.html on line 205 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00064.html on line 205 |