mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Document the inlining of files in openvpn and document key-direction
This patch documents the usage of inline files in OpenVPN. Hackish ways of inline files are deliberately left out. For tls-auth and secret the key-direction option is right way of specifying the direction and not by using two tls-auth/secret lines where the first sets the direction and has a dummy file name and the second sets the inline file data but does not reset the direction parameter. Also pkcs12 [[INLINE]] base64encoded_data works but is a quirk of how the config parser works Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: 1345756860-2044-1-git-send-email-arne@rfc2549.org URL: http://article.gmane.org/gmane.network.openvpn.devel/7006 Signed-off-by: David Sommerseth <davids@redhat.com>
This commit is contained in:
parent
e1f6121d6c
commit
0979ec7e91
@ -3621,6 +3621,14 @@ would see nothing
|
||||
but random-looking data.
|
||||
.\"*********************************************************
|
||||
.TP
|
||||
.B \-\-key-direction
|
||||
Alternative way of specifying the optional direction parameter for the
|
||||
.B \-\-tls-auth
|
||||
and
|
||||
.B \-\-secret
|
||||
options. Useful when using inline files (See section on inline files).
|
||||
.\"*********************************************************
|
||||
.TP
|
||||
.B \-\-auth alg
|
||||
Authenticate packets with HMAC using message
|
||||
digest algorithm
|
||||
@ -5901,6 +5909,37 @@ X509_1_C=KG
|
||||
.ft
|
||||
.fi
|
||||
.\"*********************************************************
|
||||
.SH INLINE FILE SUPPORT
|
||||
OpenVPN allows including files in the main configuration for the
|
||||
.B \-\-ca, \-\-cert, \-\-dh, \-\-extra-certs, \-\-key, \-\-pkcs12, \-\-secret
|
||||
and
|
||||
.B \-\-tls-auth
|
||||
options.
|
||||
|
||||
Each inline file started by the line
|
||||
.B <option>
|
||||
and ended by the line
|
||||
.B </option>
|
||||
|
||||
Here is an example of an inline file usage
|
||||
|
||||
.nf
|
||||
.ft 3
|
||||
.in +4
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
[...]
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
.in -4
|
||||
.ft
|
||||
.fi
|
||||
|
||||
When using the inline file feature with
|
||||
.B \-\-pkcs12
|
||||
the inline file has to be base64 encoded. Encoding of a .p12 file into base64 can be done for example with OpenSSL by running
|
||||
.B openssl base64 -in input.p12
|
||||
|
||||
.SH SIGNALS
|
||||
.TP
|
||||
.B SIGHUP
|
||||
|
Loading…
Reference in New Issue
Block a user