diff options
author | Bernhard Schmidt <berni@debian.org> | 2017-12-30 22:21:14 +0100 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2017-12-30 22:21:14 +0100 |
commit | 166ec510cb88cc1213ba6f441ffb372836fbddd3 (patch) | |
tree | 8a8160ebeff4eaa8924367dbca91ff89fccbbb2d /README.mbedtls | |
parent | 1e5f64f1519f3e43bdd34e2975c9c97840779592 (diff) | |
parent | 75286879ecd00a15e21cb9126643fef0316bd47f (diff) |
Merge tag 'debian/2.4.4-2' into stretch-backports
openvpn Debian release 2.4.4-2
Diffstat (limited to 'README.mbedtls')
-rw-r--r-- | README.mbedtls | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/README.mbedtls b/README.mbedtls new file mode 100644 index 0000000..4875822 --- /dev/null +++ b/README.mbedtls @@ -0,0 +1,26 @@ +This version of OpenVPN has mbed TLS support. To enable follow the following +instructions: + +To Build and Install, + + ./configure --with-crypto-library=mbedtls + make + make install + +This version depends on mbed TLS 2.0 (and requires at least 2.0.0). + +************************************************************************* + +Due to limitations in the mbed TLS library, the following features are missing +in the mbed TLS version of OpenVPN: + + * PKCS#12 file support + * --capath support - Loading certificate authorities from a directory + * Windows CryptoAPI support + * X.509 alternative username fields (must be "CN") + +Plugin/Script features: + + * X.509 subject line has a different format than the OpenSSL subject line + * X.509 certificate export does not work + * X.509 certificate tracking |