aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc4
1 files changed, 3 insertions, 1 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 97cbfa64..85f18cae 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -197,9 +197,11 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
if ($settings['tls'] && !$skiptls) {
$conf .= "tls-auth {$prefix}-tls.key 1\n";
- $conf .= "remote-cert-tls server\n";
}
+ // Prevent MITM attacks by verifying the server certificate.
+ $conf .= "remote-cert-tls server\n";
+
// add optional settings
if ($settings['compression'])
$conf .= "comp-lzo\n";