|
|
Hello, I don't understand the scenario. Which is the client and which is the server? Why you connect to client machines? Do you work peer-to-peer? Best Regards, Alon Bar-Lev. On 8/16/06, Nagy Tamás <tamaslev@xxxxxxxxx> wrote: > Hello, > > I have a few openvpn installations with tls-remote <companyname> in the > config file. I issue certificates with common name = companyname_username, > so they can only logon if companyname matches in the certificate with > tls-remote. > > Now I would like to issue a few master keys, and these should be able to > logon to any machines. For example common name = Master_username. So the > openvpn server would have to check if the connecting client's commonname > beigns with companyname OR Master, then login is permitted. > > Can this be done somehow? I tried tls-verify, but my script gets called with > an argument list, where the second one is the server certificate's > commonname. If I could get the connecting client's CN, that would solve the > problem. Or if I could use tls-remote twice. > > Any suggestions appreciated. > > -- > Tamás Nagy > > > ------------------------------------------------------------------------- > Get stuff done quickly with pre-integrated technology to make your job > easier > > _______________________________________________ > Openvpn-users mailing list______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |