Changes between Version 4 and Version 5 of UsingPolarSSL
- Timestamp:
- 07/21/14 11:18:03 (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
UsingPolarSSL
v4 v5 1 1 = Introduction = 2 2 3 PolarSSL support is fully integrated with mainline OpenVPN since 2.3. Status of the integration is viewable from [wiki:PolarSSLintegration this page]. 3 Since version 2.3, OpenVPN can be built using PolarSSL as it's crypto backend, instead of OpenSSL. See [https://polarssl.org/] for more information on PolarSSL. 4 4 5 5 = Limitations compared to OpenSSL = 6 6 7 Author of the patchset [http://sourceforge.net/mailarchive/message.php?msg_id=27751181 said] the following: 7 Note that the PolarSSL variant of OpenVPN does not support the same featureset as the OpenSSL variant. The most prominent differences are listed in the latest [https://github.com/OpenVPN/openvpn/blob/master/README.polarssl README.polarssl]. 8 8 9 = Building the PolarSSL-enabled OpenVPN = 10 11 OpenVPN 2.3 has full PolarSSL support. Get the sources from [http://openvpn.net/index.php/open-source/downloads.html the download page], or get the most recent (potentially unstable) code [https://github.com/OpenVPN/openvpn from github]. 12 13 To build using polarssl: 9 14 {{{ 10 Note that due to limitations in PolarSSL, it is still missing a number of features: 11 12 * PKCS#12 file support 13 * --capath support - Loading certificate authorities from a directory 14 * Windows CryptoAPI support 15 * Management external key support 16 * X.509 alternative username fields (must be "CN") 17 18 Plugin/Script features: 19 20 * X.509 Serial number is in hex, not decimal as with OpenSSL 21 * X.509 subject line has a different format than the OpenSSL subject line 22 * X.509 certificate export does not work 23 * X.509 certificate tracking 15 ./configure --with-crypto-library=polarssl 16 make 17 make install 24 18 }}} 25 19 26 Latest [https://github.com/andj/openvpn-ssl-refactoring/blob/f543aafc52d8885c36ced7bf0eb74919dc6bb75f/README.polarssl README.polarssl] may contain more recent information.27 28 = Getting the PolarSSL-enabled OpenVPN =29 30 OpenVPN 2.3 has full PolarSSL support.31 32 {{{33 ./configure --with-ssl-type=polarssl34 make35 make install36 }}}37