Re: RFE: networkmanager-openvpn tls-version-min setting (for TLSv1.2)

On Mon, 2014-12-29 at 11:52 +0800, Anthony Alba wrote:
Playing around with Fedora 21/nm-openvpn it turns out that the version
of openvpn 2.3.6 in F21 supports TLSv1.2 cipher suites, however for
backward compatibility reasons openvpn >= 2.3.4  "forces" TLSv1 for
the Control Channel.

If I have a server running 2.3.6  --tls-version-min=1.0, I would like
to be able to set nm-openvpn clinet to use --tls-version-min=1.2 thus
availing myself of TLSv1.2.

I don't believe it's supported yet, and if you are willing to work on a
patch that's great!  I've filed this bug to track it:

so it doesn't get lost.  For the UI side I think the option should
probably be a dropdown box in the Security tab of the Advanced dialog,
much like HMAC Auth one.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]