[Openvpn-users] --tls-verify certificate_depth=1

Tue, 06 Apr 2021 09:42:29 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

can somebody please explain why --tls-verify is run for the server certificate ?
EG: certificate_depth=1

I cannot find a reason to drop a remote client based on the server certificate.

Calling --tls-verify to verify my server certificate seems to be a waste of
server resources and connection setup time.

Thanks.
R

Sent with ProtonMail Secure Email.
-----BEGIN PGP SIGNATURE-----
Version: ProtonMail

wsBzBAEBCAAGBQJgbI6TACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec
9muQuJ2MTgf+PnnzTUoJIlQPFsVm4E3Bz59WRoCcnoo6PnkZUrk+8SCf0XLr
ruoxYSRmdIz0wCPyhUWuD9pnUFbRKsp+qZJKoSqyxCYKmzeZ7ifn4xT4QAtO
i7GjKseyVbZFjPyQ0Y7hrLU8gi1TzrtVIL3Hhcr0pT5/ijVLUECjVuZ6/aFN
riBY7wLyJZjE0Fa6uRYNb5+pb5ZBI9rNl7WSdbEbYoRa2FsVVVhapi4ehw73
QybC8pIfN71UdEvk2dAuV5dP78TUJy2wZAUj61b6xDrZN19YrsyXNruV7xv8
7N9rIM/uS0EaaFNxNf/LKAZ2DarrLrvIyWyfB62LQ3hlpvVbcOpnCA==
=nciS
-----END PGP SIGNATURE-----

Attachment: publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys

Attachment: publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users






















					Reply via email to