diff options
author | jim-p <jimp@pfsense.org> | 2010-07-01 09:14:11 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-07-01 09:15:44 -0400 |
commit | f6cc1aad279ba95d70eb3c6a564eb50152cbeb63 (patch) | |
tree | b040517095cb4afaff94a56910328cd476bc8b6e /config | |
parent | b49162af1d502529826bc1992c8788988c7a36db (diff) | |
download | pfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.tar.gz pfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.tar.bz2 pfsense-packages-f6cc1aad279ba95d70eb3c6a564eb50152cbeb63.zip |
Disable remote-cert-tls for now in exported configs, it requires that the server certificate be built in a different way than we currently support.
Diffstat (limited to 'config')
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 85f18cae..c453b8e2 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -200,7 +200,8 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke } // Prevent MITM attacks by verifying the server certificate. - $conf .= "remote-cert-tls server\n"; + // - Disable for now, it requires the server cert to include special options + //$conf .= "remote-cert-tls server\n"; // add optional settings if ($settings['compression']) |