mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
Documented --x509-username-field option
Also fixed a typo in the --help screen. Signed-off-by: Robert Fischer <ml-openvpn@trispace.org> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
This commit is contained in:
parent
54d40afdfa
commit
ca8af756c5
@ -4434,6 +4434,14 @@ the tls-verify script returns. The file name used for the certificate
|
||||
is available via the peer_cert environment variable.
|
||||
.\"*********************************************************
|
||||
.TP
|
||||
.B \-\-x509-username-field fieldname
|
||||
Field in x509 certificate subject to be used as username (default=CN).
|
||||
.B Fieldname
|
||||
will be uppercased before matching. When this option is used, the
|
||||
--tls-remote option will match against the chosen fieldname instead
|
||||
of the CN.
|
||||
.\"*********************************************************
|
||||
.TP
|
||||
.B \-\-tls-remote name
|
||||
Accept connections only from a host with X509 name
|
||||
or common name equal to
|
||||
|
@ -538,7 +538,7 @@ static const char usage_message[] =
|
||||
"--pkcs12 file : PKCS#12 file containing local private key, local certificate\n"
|
||||
" and optionally the root CA certificate.\n"
|
||||
#ifdef ENABLE_X509ALTUSERNAME
|
||||
"--x509-username-field : Field used in x509 certificat to be username.\n"
|
||||
"--x509-username-field : Field used in x509 certificate to be username.\n"
|
||||
" Default is CN.\n"
|
||||
#endif
|
||||
"--verify-hash : Specify SHA1 fingerprint for level-1 cert.\n"
|
||||
|
Loading…
Reference in New Issue
Block a user