Whoops, that wasn't aimed at me in the first place. Nonetheless, I have a pretty good example of why OpenVPN "requires" a self-signed cert in CB's answer to issue #4756. -Adam
On June 17, 2015 10:41:28 AM CDT, Adam Thompson <[email protected]> wrote: >The "issue" with OpenVPN is merely that I have to prime each client >system with both software and configuration file(s), which isn't always >possible or feasible in my environment. >-Adam > > >On June 17, 2015 10:22:04 AM CDT, "Ermal Luçi" <[email protected]> wrote: >>On Wed, Jun 17, 2015 at 4:40 PM, Steve Yates <[email protected]> >wrote: >> >>> Jim Pingle wrote on Wed, Jun 17 2015 at 9:00 am: >>> >>> > are with the certificate, either with generating the cert (missing >>the >>> > SAN, for example) >>> >>> I banged my head against Windows VPN for a bit before >finding >>out >>> it doesn't support wildcard certs...seems *.example.com doesn't >match >>the >>> hostname if the hostname doesn't have the * in it... >>> >>> OpenVPN requires a self-signed cert. >>> >> >>Can you report the issue with OpenVPN on self-signed cert? >> >>> >>> -- >>> >>> Steve Yates >>> ITS, Inc. >>> >>> >>> _______________________________________________ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >>> >>_______________________________________________ >>pfSense mailing list >>https://lists.pfsense.org/mailman/listinfo/list >>Support the project with Gold! https://pfsense.org/gold > >-- >Sent from my Android device with K-9 Mail. Please excuse my brevity. >_______________________________________________ >pfSense mailing list >https://lists.pfsense.org/mailman/listinfo/list >Support the project with Gold! https://pfsense.org/gold -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
