Changes between Version 15 and Version 16 of Openvpn24ManPage
- Timestamp:
- 10/31/19 08:44:49 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Openvpn24ManPage
v15 v16 6 6 {{{ 7 7 #!html 8 <H1>openvpn</H1>9 8 Section: Maintenance Commands (8)<BR><A HREF="#index">Index</A> 10 9 … … 5626 5625 Not available with mbed TLS. 5627 5626 <P> 5628 When using the 5629 <B>--capath</B> 5630 5631 option, you are required to supply valid CRLs for the CAs too. CAs in the 5632 capath directory are expected to be named <hash>.<n>. CRLs are expected to 5633 be named <hash>.r<n>. See the 5627 CAs in the capath directory are expected to be named <hash>.<n>. CRLs are 5628 expected to be named <hash>.r<n>. See the 5634 5629 <B>-CApath</B> 5635 5630 … … 5647 5642 5648 5643 for more information. 5644 <P> 5645 Similarly to the 5646 <B>--crl-verify</B> 5647 5648 option CRLs are not mandatory - OpenVPN will log the usual warning in the logs 5649 if the relevant CRL is missing, but the connection will be allowed. 5649 5650 5650 5651 <DT><B>--dh file</B> … … 6537 6538 <P> 6538 6539 These arguments are, respectively, the current certificate depth and 6539 the X509 common name (cn) of the peer.6540 the X509 subject distinguished name (dn) of the peer. 6540 6541 <P> 6541 6542 This feature is useful if the peer you want to trust has a certificate … … 6831 6832 The only time when it would be necessary to rebuild the entire PKI from scratch would be 6832 6833 if the root certificate key itself was compromised. 6834 <P> 6835 The option is not mandatory - if the relevant CRL is missing, OpenVPN will log 6836 a warning in the logs - e.g. "<I>VERIFY WARNING: depth=0, unable to get 6837 certificate CRL</I>" - but the connection will be allowed. 6833 6838 <P> 6834 6839 If the optional … … 9199 9204 <A HREF="/man/man2html">man2html</A>, 9200 9205 using the manual pages.<BR> 9201 Time: 12: 29:12 GMT, February 20, 20199206 Time: 12:38:22 GMT, October 30, 2019 9202 9207 }}}