We are trying not to manage the CA. In my use case, each satellite servers already have the certificate issued by letsencrypt. The central server could just trust the letsencrypt CA, plus checking the CN is from one of our owned DNS domain.
Regards, Frank _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
