|
|
do a
openssl x509 -text -noout -in <your-server-cert>
and look at the X509v3 extensions section; for a 'Netscape Server' I get
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
OpenSSL Generated Server Certificate
X509v3 Subject Key Identifier:
...
X509v3 Authority Key Identifier:
...
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
HTH,
JJK
Dave wrote:
> Hello,
> I've got an openvpn server that i have to manage. One thing i want to do
> is set all clients to verify the server certificate. I do not know if the
> server's certificate was generated with it's ns cert type set to server,
> i've now set the openssl config file to generate all future keys set to
> server. I'd rather not regenerate and redistribute this key unless i have
> to, is there a way i can check the existing server keys to see what their ns
> cert value is?
>
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2008-02/msg00031.html on line 209
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2008-02/msg00031.html on line 209
|