Hi,
On Mon, Feb 23, 2015 at 05:40:11PM +0300, Vasily Kulikov wrote:
> > I agree -- the argument to --needs-external-cert should be optional.
>
> Note: Arne said about 'macos-keychain' prefix in the argument being
> optional, not the argument itself being optional. Acually, I don't
> think
On Mon, Feb 23, 2015 at 12:55 +, David Woodhouse wrote:
> On Mon, 2015-02-23 at 09:28 +0100, Arne Schwabe wrote:
> >
> > Am 23.02.15 um 09:04 schrieb Vasily Kulikov:
> > > management-external-cert 'macosx-keychain:SUBJECT:c=US'
> > >
> > > With the approach in patch v3 a user has to start
On Mon, Feb 23, 2015 at 08:04 -0500, Jonathan K. Bullard wrote:
> On Mon, Feb 23, 2015 at 4:00 AM, Gert Doering wrote:
> >
> > On Mon, Feb 23, 2015 at 09:28:31AM +0100, Arne Schwabe wrote:
> > > > What do you think of the change?
> > > I like the idea. You could make the
On Mon, Feb 23, 2015 at 8:10 AM, David Woodhouse wrote:
> On Mon, 2015-02-23 at 13:59 +0100, Arne Schwabe wrote:
>>
>> All fine. My rationale was like, if I want a certificate with a certain
>> SUBJECT (e.g. CN=schw...@mycoolca.com) etc. it should not matter for men
>> wether
On 02/23/2015 02:10 PM, David Woodhouse wrote:
> On Mon, 2015-02-23 at 13:59 +0100, Arne Schwabe wrote:
>>
>> All fine. My rationale was like, if I want a certificate with a certain
>> SUBJECT (e.g. CN=schw...@mycoolca.com) etc. it should not matter for men
>> wether I get it from OS X, Windows or
On Mon, 2015-02-23 at 13:59 +0100, Arne Schwabe wrote:
>
> All fine. My rationale was like, if I want a certificate with a certain
> SUBJECT (e.g. CN=schw...@mycoolca.com) etc. it should not matter for men
> wether I get it from OS X, Windows or Android Certificate store.
The canonical way of
On Mon, Feb 23, 2015 at 4:00 AM, Gert Doering wrote:
>
> On Mon, Feb 23, 2015 at 09:28:31AM +0100, Arne Schwabe wrote:
> > > What do you think of the change?
> > I like the idea. You could make the macos-keychain in the string optional.
>
> What Arne said (both parts of it)
Hi,
On Mon, Feb 23, 2015 at 09:28:31AM +0100, Arne Schwabe wrote:
> > What do you think of the change?
> I like the idea. You could make the macos-keychain in the string optional.
What Arne said (both parts of it) :-)
gert
--
USENET is *not* the non-clickable part of WWW!
Hi,
On Sun, Feb 15, 2015 at 23:01 +0100, Gert Doering wrote:
> Hi,
>
> On Sun, Feb 15, 2015 at 10:05:07PM +0100, Arne Schwabe wrote:
> > Am 24.01.15 um 18:04 schrieb Vasily Kulikov:
> [..]
> > > OpenVPN itself gets new 'NEED-CERTIFICATE" command which is called when
> > >
Hi Gert,
On Sun, Feb 15, 2015 at 23:01 +0100, Gert Doering wrote:
> I hear Arne, and James also ACKed this ("based on testing", which Arne
> did).
>
> I'm not merging it yet, though - Vasily, please provide a v4 of the patch
> that adds:
...
> With that, I'll merge right away :-)
Thank you for
Hi,
On Sun, Feb 15, 2015 at 10:05:07PM +0100, Arne Schwabe wrote:
> Am 24.01.15 um 18:04 schrieb Vasily Kulikov:
[..]
> > OpenVPN itself gets new 'NEED-CERTIFICATE" command which is called when
> > --management-external-cert is used. It is implemented as a multiline
> > command very similar to
Am 24.01.15 um 18:04 schrieb Vasily Kulikov:
> This patch adds support for using certificates stored in the Mac OSX
> Keychain to authenticate with the OpenVPN server. This works with
> certificates stored on the computer as well as certificates on hardware
> tokens that support Apple's tokend
This patch adds support for using certificates stored in the Mac OSX
Keychain to authenticate with the OpenVPN server. This works with
certificates stored on the computer as well as certificates on hardware
tokens that support Apple's tokend interface.
This patch version implements management
13 matches
Mail list logo