New upstream version 2.4.4upstream/2.4.4

author: Jörg Frings-Fürst <debian@jff-webhosting.net> 2017-10-02 06:57:04 +0200
committer: Jörg Frings-Fürst <debian@jff-webhosting.net> 2017-10-02 06:57:04 +0200
commit: a6daf938f5f616a4a67caa6580b0c99e9a8c3779 (patch)
tree: 4b23e4201976a2324b6bbd7e5ae3a9f78bbac417 /README.mbedtls
parent: 9683f890944ffb114f5f8214f694e0b339cf5a5a (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/README.mbedtls b/README.mbedtls
new file mode 100644
index 0000000..4875822
--- /dev/null
+++ b/README.mbedtls
@@ -0,0 +1,26 @@
+This version of OpenVPN has mbed TLS support. To enable follow the following
+instructions:
+
+To Build and Install,
+
+	./configure --with-crypto-library=mbedtls
+	make
+	make install
+
+This version depends on mbed TLS 2.0 (and requires at least 2.0.0).
+
+*************************************************************************
+
+Due to limitations in the mbed TLS library, the following features are missing
+in the mbed TLS version of OpenVPN:
+
+ * PKCS#12 file support
+ * --capath support - Loading certificate authorities from a directory
+ * Windows CryptoAPI support
+ * X.509 alternative username fields (must be "CN")
+
+Plugin/Script features:
+
+ * X.509 subject line has a different format than the OpenSSL subject line
+ * X.509 certificate export does not work
+ * X.509 certificate tracking
author	Jörg Frings-Fürst <debian@jff-webhosting.net>	2017-10-02 06:57:04 +0200
committer	Jörg Frings-Fürst <debian@jff-webhosting.net>	2017-10-02 06:57:04 +0200
commit	a6daf938f5f616a4a67caa6580b0c99e9a8c3779 (patch)
tree	4b23e4201976a2324b6bbd7e5ae3a9f78bbac417 /README.mbedtls
parent	9683f890944ffb114f5f8214f694e0b339cf5a5a (diff)