-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
I should note: I have deleted the CA certificate from both server and client configs. This is a basic test to see if openvpn is running in Peer-fingerprint mode, because there is otherwise no indication of that being the case, at verb 4. At least, none that I can see. Thanks R ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, 15 May 2021 20:04, tincantech via Openvpn-users <openvpn-users@lists.sourceforge.net> wrote: > Hi, > > in Openvpn master branch there now exists Peer-Fingerprint mode. > This allows establishing a VPN by simply using self signed certificates, > which are identified by their fingerprint. > > This is very simple to setup, especially if you use Easy-PFP: > https://github.com/TinCanTech/easy-pfp > > However, if you are curious, you can still build a complete PKI using > Easy-RSA3 > and then build a complete suite of TLS-Crypt-V2 keys using Easy-TLS: > https://github.com/TinCanTech/easy-tls > > This then allows for OpenVPN to be run in Peer-Fingerprint mode > with full TLS-Crypt-V2 client specific keys in use. > > And it is Easy ! > > Enjoy > R -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAGBQJgoCEmACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ2zKAf/Z/Ubu3P21nYzM9H3Tut3prATtZ1PSsC1UbuQ/IIH0ImErLAV 9de2e/F341+kSHDM9woY9eabiar1WhBtVPPtEUIQmkU3oQKwTwZXVFFrsW2z jFrM8KS9WGGBAMrf/MWK/i5mC+yTN07XeZY9LaAeImgaJpiLxZeJ21lC1i7y q1ti+gB6v8UgXurmGpNRRZKVBKRlbACbvsWyGV7WNwhqLf19HYLHseS3yFVd fkK+W1nOjnj6kcMEQtybSqqS6dPuAm1pr/LslMlglJXXC2VzAciogoikXQTt kNU7O0MVBXG0zQwZZ1eTB7OwFyvp1sWerVcKhJu8exPx1mgHNt2ijA== =8z6E -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
