diff options
author | jim-p <jimp@pfsense.org> | 2013-07-11 09:55:54 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-07-11 09:56:53 -0400 |
commit | 4f04e374e024c87496a6d8556975ff191fef461a (patch) | |
tree | 1ce56308e65d733b83870de1e1e603327499d1f9 /config | |
parent | 3ca1b0aaa7268c362b644d656a6b01cececfd844 (diff) | |
download | pfsense-packages-4f04e374e024c87496a6d8556975ff191fef461a.tar.gz pfsense-packages-4f04e374e024c87496a6d8556975ff191fef461a.tar.bz2 pfsense-packages-4f04e374e024c87496a6d8556975ff191fef461a.zip |
When we don't need a client cert, add a line to tell the client that we don't need a client cert, or else the OpenVPN Connect app will try to force the user to pick one.
Diffstat (limited to 'config')
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 06a0928c..d88d988f 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -383,6 +383,9 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese $conf .= "<cert>{$nl}" . trim(base64_decode($cert['crt'])) . "{$nl}</cert>{$nl}"; // Inline Key $conf .= "<key>{$nl}" . trim(base64_decode($cert['prv'])) . "{$nl}</key>{$nl}"; + } else { + // Work around OpenVPN Connect assuming you have a client cert even when you don't need one + $conf .= "setenv CLIENT_CERT 0{$nl}"; } // Inline TLS if ($settings['tls']) { |