aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2010-07-01 09:14:11 -0400
committerjim-p <jimp@pfsense.org>2010-07-01 09:15:44 -0400
commitf6cc1aad279ba95d70eb3c6a564eb50152cbeb63 (patch)
treeb040517095cb4afaff94a56910328cd476bc8b6e /config
parentb49162af1d502529826bc1992c8788988c7a36db (diff)
downloadpfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.tar.gz
pfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.tar.bz2
pfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.zip
Disable remote-cert-tls for now in exported configs, it requires that the server certificate be built in a different way than we currently support.
Diffstat (limited to 'config')
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc3
1 files changed, 2 insertions, 1 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 85f18cae..c453b8e2 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -200,7 +200,8 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
}
// Prevent MITM attacks by verifying the server certificate.
- $conf .= "remote-cert-tls server\n";
+ // - Disable for now, it requires the server cert to include special options
+ //$conf .= "remote-cert-tls server\n";
// add optional settings
if ($settings['compression'])