diff options
author | Robert Fischer <ml-openvpn@trispace.org> | 2011-04-21 22:55:52 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-06-14 11:14:27 +0200 |
commit | a599b7f62998de9502e23b3ca79e88d12089486b (patch) | |
tree | 49bd54f09f3adc7df22e8a12c400950d9b6e0359 | |
parent | Added info about --show-proxy-settings (diff) | |
download | openvpn-a599b7f62998de9502e23b3ca79e88d12089486b.tar.xz |
Documented --x509-username-field option
Also fixed a typo in the --help screen.
Signed-off-by: Robert Fischer <ml-openvpn@trispace.org>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit ca8af756c52ab7a4aecb857f60d6124e58458f0a)
-rw-r--r-- | openvpn.8 | 8 | ||||
-rw-r--r-- | options.c | 2 |
2 files changed, 9 insertions, 1 deletions
@@ -4356,6 +4356,14 @@ the tls-verify script returns. The file name used for the certificate is available via the peer_cert environment variable. .\"********************************************************* .TP +.B \-\-x509-username-field fieldname +Field in x509 certificate subject to be used as username (default=CN). +.B Fieldname +will be uppercased before matching. When this option is used, the +--tls-remote option will match against the chosen fieldname instead +of the CN. +.\"********************************************************* +.TP .B \-\-tls-remote name Accept connections only from a host with X509 name or common name equal to @@ -508,7 +508,7 @@ static const char usage_message[] = "--pkcs12 file : PKCS#12 file containing local private key, local certificate\n" " and optionally the root CA certificate.\n" #ifdef ENABLE_X509ALTUSERNAME - "--x509-username-field : Field used in x509 certificat to be username.\n" + "--x509-username-field : Field used in x509 certificate to be username.\n" " Default is CN.\n" #endif #ifdef WIN32 |