[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] server logging into itself?

  • Subject: Re: [Openvpn-users] server logging into itself?
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Thu, 31 Jan 2008 21:34:12 -0700

JJB wrote:
> openvpn-status.log
>,james,,Thu Jan 31 11:55:48 2008
>,dave,,Thu Jan 31 11:58:18 2008
>,mark,,Wed Jan 30 18:06:46 2008
>,vpn-server,,Thu Jan 31 11:58:20 2008
> Does anyone know why the server itself is connected via openvpn with the 
> Could this happen if the server certificate or master certificate was 
> accidentally given to a user?

Yes, it could.  If you build your client and server certificates with 
explicit key usage that indicates which certificates are client or 
server (for example using pkitool --server), you could use the 
ns-cert-type or remote-cert-tls in the server config to deny connections 
from server certificates that would otherwise have been accepted.


Openvpn-users mailing list