Changes between Version 15 and Version 16 of Openvpn24ManPage


Ignore:
Timestamp:
10/31/19 08:44:49 (7 months ago)
Author:
Samuli Seppänen
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Openvpn24ManPage

    v15 v16  
    66{{{
    77#!html
    8 <H1>openvpn</H1>
    98Section: Maintenance Commands (8)<BR><A HREF="#index">Index</A>
    109
     
    56265625Not available with mbed TLS.
    56275626<P>
    5628 When using the
    5629 <B>--capath</B>
    5630 
    5631 option, you are required to supply valid CRLs for the CAs too.  CAs in the
    5632 capath directory are expected to be named &lt;hash&gt;.&lt;n&gt;.  CRLs are expected to
    5633 be named &lt;hash&gt;.r&lt;n&gt;.  See the
     5627CAs in the capath directory are expected to be named &lt;hash&gt;.&lt;n&gt;. CRLs are
     5628expected to be named &lt;hash&gt;.r&lt;n&gt;. See the
    56345629<B>-CApath</B>
    56355630
     
    56475642
    56485643for more information.
     5644<P>
     5645Similarly to the
     5646<B>--crl-verify</B>
     5647
     5648option CRLs are not mandatory - OpenVPN will log the usual warning in the logs
     5649if the relevant CRL is missing, but the connection will be allowed.
    56495650
    56505651<DT><B>--dh file</B>
     
    65376538<P>
    65386539These arguments are, respectively, the current certificate depth and
    6539 the X509 common name (cn) of the peer.
     6540the X509 subject distinguished name (dn) of the peer.
    65406541<P>
    65416542This feature is useful if the peer you want to trust has a certificate
     
    68316832The only time when it would be necessary to rebuild the entire PKI from scratch would be
    68326833if the root certificate key itself was compromised.
     6834<P>
     6835The option is not mandatory - if the relevant CRL is missing, OpenVPN will log
     6836a warning in the logs - e.g. &quot;<I>VERIFY WARNING: depth=0, unable to get
     6837certificate CRL</I>&quot; - but the connection will be allowed.
    68336838<P>
    68346839If the optional
     
    91999204<A HREF="/man/man2html">man2html</A>,
    92009205using the manual pages.<BR>
    9201 Time: 12:29:12 GMT, February 20, 2019
     9206Time: 12:38:22 GMT, October 30, 2019
    92029207}}}