diff options
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 97cbfa64..85f18cae 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -197,9 +197,11 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke if ($settings['tls'] && !$skiptls) { $conf .= "tls-auth {$prefix}-tls.key 1\n"; - $conf .= "remote-cert-tls server\n"; } + // Prevent MITM attacks by verifying the server certificate. + $conf .= "remote-cert-tls server\n"; + // add optional settings if ($settings['compression']) $conf .= "comp-lzo\n"; |