wiki:UsingPolarSSL

Version 4 (modified by krzee king, 10 years ago) (diff)

--

Introduction

PolarSSL support is fully integrated with mainline OpenVPN since 2.3. Status of the integration is viewable from this page.

Limitations compared to OpenSSL

Author of the patchset said the following:

Note that due to limitations in PolarSSL, it is still missing a number of features:

 * PKCS#12 file support
 * --capath support - Loading certificate authorities from a directory
 * Windows CryptoAPI support
 * Management external key support
 * X.509 alternative username fields (must be "CN")

Plugin/Script features:

 * X.509 Serial number is in hex, not decimal as with OpenSSL
 * X.509 subject line has a different format than the OpenSSL subject line
 * X.509 certificate export does not work
 * X.509 certificate tracking

Latest README.polarssl may contain more recent information.

Getting the PolarSSL-enabled OpenVPN

OpenVPN 2.3 has full PolarSSL support.

./configure --with-ssl-type=polarssl
	make
	make install