Hi David,
David Sommerseth wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 20/06/11 11:36, Jan Just Keijser wrote:
NACK on this patch - the openssl.cnf file should be (almost) the same as
the one used in easy-rsa/2.0
that way the certificates are generated in the same manner (*with*
EKU=ServerAuth)
Okay, I'll revert commit 663860ad04dd4190fddbee63e724d3fdceafd937 (master)
and 6989cbde616a00380acf3a390959987765a5325b (release/2.2) immediately.
Samuli, can you please look closer into this? I did a more careful diff
from 2.0/openssl.cnf and Windows/openssl.cnf ... and it seems quite
different. Can we please unite them?
JJK: Do you know which differences are needed between Windows and non-Windows?
I just checked that the openssl.cnf file shipped with the windows
version of openvpn 2.1.4 is identical to the easy-rsa/2.0 version - is
there any reason not to do the same for openvpn 2.2?
cheers,
JJK