Den 25. aug 2004, kl. 19:53, skrev Tarjei Huse:
Jon Bendtsen wrote:
But, when you create the users certificate, you have to add an
Den 25. aug 2004, kl. 15:38, skrev Mathias Sundman:
On Wed, 25 Aug 2004, Jon Bendtsen wrote:
I was thinking of putting up a public wifi network that directed
people to download a openvpn package, such that they can connect to
the openvpn server and from there to the internet. I want the extra
openvpn to authenticate who people are, and to protect me from other
people injecting packets so they look like mine.
I read somewhere that if i use the root ca from a "official" root ca
then anyone signed with that root ca can connect to my openvpn
server. However, in order for me to prove who the user was, i would
prefer if i had more than just the common name of the user, to prove
who it was. What other information do i need, and does openvpn
already log it?
Is there a particular attribute of the certificate you want logged?
something that unique that identifies JUST this user. I suppose that
gives all certificates a serial number. I want to log this number.
I guess WYSIWYG! Here's what my server logs from my in-offical cert:
Wed Aug 25 12:00:28 2004 xxx.xx.xx.xx:4650 VERIFY OK: depth=1,
Wed Aug 25 12:00:28 2004 xxx.xx.xx.xx:4650 VERIFY OK: depth=0,
Hmm, seems like there is no serial number.
to the cert. Then all you need to do is make sure this is unique
but i dont create the certificates. TDC a private danish phone company
creates the certificates for the danish goverment. The idea was to set
a public WIFI and let everyone use it, but having people authenticate
themselves through their certificate, such that i wouldnt get into
Openvpn-users mailing list