Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
S1OVS
openvpn-server
Commits
ab0ba609
Commit
ab0ba609
authored
May 28, 2018
by
root
Browse files
Merge branch 'master' of
https://stash.sol1.net/scm/s1ovs/openvpn-server
parents
0b666557
389d1d1c
Changes
5
Hide whitespace changes
Inline
Side-by-side
config/openssl.cnf
View file @
ab0ba609
...
...
@@ -66,7 +66,6 @@ emailAddress = optional
[ req ]
# Commented out for bug hack reasons. See postinst for more info.
#prompt = no
extendedKeyUsage = clientAuth
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
...
...
@@ -139,8 +138,10 @@ basicConstraints=CA:FALSE
nsComment = "Generated by openvpn-server"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
extendedKeyUsage = clientAuth
keyUsage = digitalSignature,keyEncipherment
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
...
...
@@ -159,9 +160,10 @@ authorityKeyIdentifier=keyid,issuer:always
[ server ]
basicConstraints=CA:FALSE
extendedKeyUsage = serverAuth
keyUsage = digitalSignature,keyEncipherment
nsComment = "OpenSSL Generated Server Certificate"
subjectKeyIdentifier
=
hash
authorityKeyIdentifier
=
keyid,issuer:always
subjectKeyIdentifier
=
hash
authorityKeyIdentifier
=
keyid,issuer:always
[ v3_req ]
...
...
config/ovpn-client.conf
View file @
ab0ba609
...
...
@@ -8,7 +8,7 @@ comp-lzo
client
pkcs12
%%
ORGNICK
%%-%%
USERNAME
%%.
p12
ns
-
cert
-
t
ype
server
remote
-
cert
-
t
ls
server
cipher
AES
-
256
-
CBC
pull
...
...
config/ovpn-generic-client.conf
View file @
ab0ba609
...
...
@@ -8,7 +8,8 @@ comp-lzo
client
ns
-
cert
-
type
server
remote
-
cert
-
tls
server
cipher
AES
-
256
-
CBC
pull
verb
4
...
...
debian/changelog
View file @
ab0ba609
openvpn-server (0.9.3) lucid precise xeniel; urgency=low
* Fixes for openssl config
* Fixes for openvpn client template files
-- Sol1 Packages <packages@sol1.com.au> Fri, 28 May 2018 11:30:00 +1000
openvpn-server (0.9.2) lucid precise xeniel; urgency=low
* Fix error on install with systemd not seeing reload untill restart has been return
...
...
debian/postinst
View file @
ab0ba609
...
...
@@ -172,6 +172,7 @@ dev tun
dh /etc/openvpn-server/dh4096.pem
pkcs12 /etc/openvpn-server/
$ORGNICK
-server.p12
crl-verify /etc/openvpn-server/ca.crl
remote-cert-tls client
cipher AES-256-CBC
client-config-dir /etc/openvpn/ccd
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment