id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 530,OpenVPN-GUI Dynamic client FQDN and cryptoapi certificate selection,liamdennehy,Heiko Hund,"Hello. I am trying to use OpenVPN-GUI using the CryptoAPI to retrieve the machine's certificate which is working fine (so fine I think it resolves bug 388?). The issue is that the SUBJ: requirement for locating the correct certificate is specific to each system, meaning I cannot use a common ovpn configuration file, or would need to generate it dynamically for each installation. The default for Active Directory Certificate Services is to use the machine FQDN (hostname.AD-domain-name) as the certificate CN for autoenrolled or manually-enrolled computer certificates. I would like OpenVPN-GUI to use information in the registry to compile this FQDN and submit it to the openvpn.exe as a parameter to the CryptoAPICert command for the SUBJ: field, meaning no client-specific changes to a configuration file. this also means the client can work out-the-box more easily for sites that deploy computer certificates in this way (once a valid configuration file is defined). The machine FQDN can be complied by retrieving the following two Windows Registry String values: HKLM/System/CurrentControlSet/services/Tcpip/Parameters: Hostname HKLM/System/CurrentControlSet/services/Tcpip/Parameters: Domain There are NV Domain and NV Hostname parameters also present, but I do not believe they are more functional than the two above: Any disparity between the values of each respective key is likely a highly customised environment not worth supporting in this way. Apologies for not proposing a GUI enhancement myself, but this seems like something a tickbox would achieve in the GUI, with an associated registry key which can be easily controlled by Windows policy. I would propose a directive in the configuration file but this may not be appropriate as it does not apply to non-windows clients.",Feature Wish,assigned,minor,,Windows GUI,OpenVPN 2.3.5 (Community Ed),"Not set (select this one, unless your'e a OpenVPN developer)",,windows,