Re: OpenVPN Questions

David Zeuthen wrote:

> So... if I understand this right, some .crt and .key files are for all
> users while some are per-user, right? So, maybe embed the ones shared
> for all users in gconf? 

There is only one cert needed by all users: The CA file. Still I think
this is something that should be installed per user, for example if a
company has a pool of laptops that can be lend but for different
departments there are different VPNs.

> And make the authentication dialog prompt the user for the missing
> per-user certificates? Or even better... look up in a certificate store
> somewhere, e.g. I'm thinking NSS integration in the future...

I think this is something that should be done on the Desktop-Level, not
per Application. So if a Desktop-wide method to store certificates
emerges with should use that. For the same reason I think that it is not
the best idea for now to store these settings in GConf.

Another problem that we will have in either case: OpenVPN can only read
the certificates from real files. So we either need a patch to OpenVPN
to be able to take the certificates from say STDIN or create temporary
files while connecting.


    Tim Niemueller <tim niemueller de>
 Imagination is more important than knowledge. (Albert Einstein)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]