Hi,
Well then change it for your needs - the vpn extension template isn't
specifically for openvpn, its just an starting point for a vpn-
server,
like the other role-templates and there openssl-config-templates too.
Well, the link above says:
"The RFC3280 determine that the following attributes should be
provided for
TLS connections:
Mode Key usage Extended key usage
Client digitalSignature,keyAgreement TLS Web Client Authentication
Server digitalSignature,keyEncipherment,keyAgreement TLS Web Server
Authentication
"
So, I don't think this is specific to OpenVPN.
sorry to contradict, the above text cites the required key usage for
TLS connections which OpenVPN can use for establishing a VPN.
IPSEC, on the other hand, does not use TLS at all and will work with
the key usage specified in the sample configuration.
OpenVPN is of course gaining popularity (and rightly so), but I guess
most people think IPSEC when talking about VPNs.
Dalini had a point when he wrote that the profiles are mereley a
configuration example - you will have to review them and modify them
to your needs.
cheers
Martin
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
