Re: openvpn connection failed
- From: Jon Escombe <lists dresco co uk>
- To: v tolstov <v tolstov selfip ru>
- Cc: networkmanager-list gnome org
- Subject: Re: openvpn connection failed
- Date: Thu, 8 May 2008 17:37:22 +0100 (BST)
----- "Vasiliy G Tolstov" <v tolstov selfip ru> wrote:
> There is problem because NM add
> g_ptr_array_add (openvpn_argv, (gpointer) "--ns-cert-type");
> g_ptr_array_add (openvpn_argv, (gpointer) "server");
>
The NM openvpn plugin requires that the remote certificate is created with a server certificate designation (which seems to often get missed/ignored by certificate creation scripts). This restriction should prevent a man in the middle attack, where an attacker with a valid client certificate is impersonating the server.
Regards,
Jon.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
