diff options
author | Peter Palfrader <peter@palfrader.org> | 2017-01-02 10:55:53 +0100 |
---|---|---|
committer | Peter Palfrader <peter@palfrader.org> | 2017-01-02 10:55:53 +0100 |
commit | b9d21406c26070c1f6fc785903f82d9a647e57f6 (patch) | |
tree | 55b70bda78f5829f5d4cfd70a32c53d361a69e7d | |
parent | a6e19f816e78d4ae2ed22988edf67a48d00c6b00 (diff) |
Use verify-x509-name where possible
-rwxr-xr-x | Generate | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -683,7 +683,11 @@ hostlist.each{ |host| else conffile.puts "tls-client" end - conffile.puts "tls-remote %s.%s"%[peer['name'], $config['cadndomain']] + if host['openvpn_ge_23'] + conffile.puts "verify-x509-name \"%s%s.%s\""%[$config['x509nameprefix'], peer['name'], $config['cadndomain']] + else + conffile.puts "tls-remote %s.%s"%[peer['name'], $config['cadndomain']] + end if host['pkcs12'] conffile.puts "pkcs12 #{$NAMESPACE}-%s.%s.p12"%[host['name'], $config['cadndomain']] else |