[Openvpn-users] Easy-TLS v2.3

2021-07-20 Thread tincantech via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, for those of you who are interested in such things, Easy-TLS v2.3 is now released. v2.3 allows a server to shut-down a client. https://github.com/TinCanTech/easy-tls Try a google search and see.. To use Easy-TLS, simply use the inter-active

Re: [Openvpn-users] Easy-TLS and Easy-PFP

2021-05-15 Thread tincantech via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, OK, without the CA being set there is this message at the top of the log: Using certificate fingerprint to verify peer (no CA option set) So there it is! Thanks R ‐‐‐ Original Message ‐‐‐ On Saturday, 15 May 2021 20:29, tincantech wr

Re: [Openvpn-users] Easy-TLS and Easy-PFP

2021-05-15 Thread tincantech via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I should note: I have deleted the CA certificate from both server and client configs. This is a basic test to see if openvpn is running in Peer-fingerprint mode, because there is otherwise no indication of that being the case, at verb 4. At le

Re: [Openvpn-users] Easy-TLS and Easy-PFP

2021-05-15 Thread tincantech via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, ‐‐‐ Original Message ‐‐‐ On Saturday, 15 May 2021 20:04, tincantech via Openvpn-users wrote: > Hi, > > in Openvpn master branch there now exists Peer-Fingerprint mode. > This allows establishing a VPN by simply using self signed certi

[Openvpn-users] Easy-TLS and Easy-PFP

2021-05-15 Thread tincantech via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, in Openvpn master branch there now exists Peer-Fingerprint mode. This allows establishing a VPN by simply using self signed certificates, which are identified by their fingerprint. This is very simple to setup, especially if you use Easy-PFP: h

[Openvpn-users] Easy-TLS Update

2021-03-12 Thread tincanteksup
Hi, on the slim chance that anybody here is interested in such things.. Today I confirmed that not only does Easy-TLS fully work in Windows but also, all the server side scripts function exactly as intended. This even includes "hardware-lockdown" for clients. * Note: I know it is not real hardw

Re: [Openvpn-users] Easy-TLS

2021-02-16 Thread tincanteksup
If you decide to take a look then the best place to start is with the inter-active menus. Simply download 'easytls' to your current Easy-RSA directory and you are ready to start. Usage is: ./easytls init-tls ./easytls build ./easytls inline ./easytls remove Also download the OpenVPN Server s

[Openvpn-users] Easy-TLS

2021-02-16 Thread tincanteksup
Hi, I have written Easy-TLS (based on Easy-RSA) to help with creating and managing TLS-keys and OpenVPN Inline files, including X509 certificates and keys. Easy-TLS also takes huge advantage of the power of TLS-Crypt-V2 keys which were introduced in OpenVPN v2.5 Easy-TLS also has inter-act