Version 2 (modified by 13 years ago) (diff) | ,
---|
Introduction
PolarSSL support is not yet (11th Aug 2011) fully integrated with mainline OpenVPN. Status of the integration is viewable from this page. First OpenVPN 2.3 alpha will be the first official release to include full PolarSSL support.
Limitations compared to OpenSSL
Author of the patchset said the following:
Note that due to limitations in PolarSSL, it is still missing a number of features: * PKCS#12 file support * --capath support - Loading certificate authorities from a directory * Windows CryptoAPI support * Management external key support * X.509 alternative username fields (must be "CN") Plugin/Script features: * X.509 Serial number is in hex, not decimal as with OpenSSL * X.509 subject line has a different format than the OpenSSL subject line * X.509 certificate export does not work * X.509 certificate tracking
Latest README.polarssl may contain more recent information.
Getting the PolarSSL-enabled OpenVPN
This external Git tree has full PolarSSL support. Please use that while the patches are being in integrated into mainline OpenVPN.