drpuur
/
rych-openvpn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use newer server cert to get rif of @SECLEVEL=0 (at least try if it works)

This commit is contained in:
Joerg Lehmann 2022-10-22 10:23:10 +02:00
parent 58b7e59e52
commit 0457852f6f
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/server-443.conf
View File

@ -9,7 +9,7 @@ script-security 3
writepid /var/run/openvpn-server/myopenvpn-443.pid writepid /var/run/openvpn-server/myopenvpn-443.pid
; ciphers ; ciphers
tls-cipher "DEFAULT:@SECLEVEL=0" tls-cipher "DEFAULT"
; tunnel configuration ; tunnel configuration
dev tap1 dev tap1

6
config/server.conf
View File

@ -9,7 +9,7 @@ script-security 3
writepid /var/run/openvpn-server/myopenvpn.pid writepid /var/run/openvpn-server/myopenvpn.pid
; ciphers ; ciphers
tls-cipher "DEFAULT:@SECLEVEL=0" tls-cipher "DEFAULT"
; tunnel configuration ; tunnel configuration
dev tap0 dev tap0
@ -38,8 +38,8 @@ management localhost 6666
; certificates and authentication ; certificates and authentication
dh /opt/openvpn/private/dh2048.pem dh /opt/openvpn/private/dh2048.pem
ca /opt/openvpn/ca/cacert.pem ca /opt/openvpn/ca/cacert.pem
cert /opt/openvpn/certs/hostcert.pem cert /opt/openvpn/certs/ewon.rychiger.com-cert.pem
key /opt/openvpn/private/hostkey.pem key /opt/openvpn/private/ewon.rychiger.com-key.pem
verify-client-cert none verify-client-cert none
username-as-common-name username-as-common-name
auth-user-pass-verify /opt/openvpn/scripts/openvpn-auth.py via-env auth-user-pass-verify /opt/openvpn/scripts/openvpn-auth.py via-env