Hello,
What is the option --username-as-common-name supposed to do? According to the manpage: 'For --auth-user-pass-verify authentication, use the authenticated username as the common name, rather than the common name from the client cert' I read this as: when the auth-user-pass-verify script is run the common name is the same as the username, but when other scripts are run it has it's original value. Am I mis-interpreting this? or is it a documentation-error? The openvpn howto seems to say something different: 'Such configurations should usually also set: username-as-common-name which will tell the server to use the username for indexing purposes as it would use the Common Name of a client which was authenticating via a client certificate.' But then the question is what is considered as an indexing purpose? It seems to me that after user/password authentication the username is used everywhere where the common name would have been used (scripts, ccd, ...). Is this assumption correct? Regards, Bram
