diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 20:24:46 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 20:24:46 +0000 |
commit | fd81c006213ed9d65473c1194b3446088158297e (patch) | |
tree | 9e5b7c0fb4da4d1259f4f378fc7cd3424cf26d91 | |
parent | Added server-side --auth-user-pass-optional directive, to allow (diff) | |
download | openvpn-fd81c006213ed9d65473c1194b3446088158297e.tar.xz |
Added man page entry for new environmental variable set
X509_{n}_{subject_field}.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3462 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r-- | openvpn.8 | 37 |
1 files changed, 37 insertions, 0 deletions
@@ -5468,6 +5468,43 @@ script execution only when the .B via-env modifier is specified. .\"********************************************************* +.TP +.B X509_{n}_{subject_field} +An X509 subject field from the remote peer certificate, +where +.B n +is the verification level. Only set for TLS connections. Set prior +to execution of +.B --tls-verify +script. This variable is similar to +.B tls_id_{n} +except the component X509 subject fields are broken out, and +no string remapping occurs on these field values (except for remapping +of control characters to "_"). +For example, the following variables would be set on the +OpenVPN server using the sample client certificate +in sample-keys (client.crt). +Note that the verification level is 0 for the client certificate +and 1 for the CA certificate. +.RS +.ft 3 +.nf +.sp +X509_0_emailAddress=me@myhost.mydomain +X509_0_CN=Test-Client +X509_0_O=OpenVPN-TEST +X509_0_ST=NA +X509_0_C=KG +X509_1_emailAddress=me@myhost.mydomain +X509_1_O=OpenVPN-TEST +X509_1_L=BISHKEK +X509_1_ST=NA +X509_1_C=KG +.ft +.LP +.RE +.fi +.\"********************************************************* .SH SIGNALS .TP .B SIGHUP |