Version 4 (modified by 10 years ago) (diff) | ,
---|
Introduction
PolarSSL support is fully integrated with mainline OpenVPN since 2.3. Status of the integration is viewable from this page.
Limitations compared to OpenSSL
Author of the patchset said the following:
Note that due to limitations in PolarSSL, it is still missing a number of features: * PKCS#12 file support * --capath support - Loading certificate authorities from a directory * Windows CryptoAPI support * Management external key support * X.509 alternative username fields (must be "CN") Plugin/Script features: * X.509 Serial number is in hex, not decimal as with OpenSSL * X.509 subject line has a different format than the OpenSSL subject line * X.509 certificate export does not work * X.509 certificate tracking
Latest README.polarssl may contain more recent information.
Getting the PolarSSL-enabled OpenVPN
OpenVPN 2.3 has full PolarSSL support.
./configure --with-ssl-type=polarssl make make install