Require that peer certificate was signed with an explicit
.B key usage.
-This is useful security option for clients, to ensure that
-the host they connect with is a designated server.
+This is a useful security option for clients, to ensure that
+the host they connect to is a designated server.
The key usage should be encoded in hex, more than one key
usage can be specified.
Require that peer certificate was signed with an explicit
.B extended key usage.
-This is useful security option for clients, to ensure that
-the host they connect with is a designated server.
+This is a useful security option for clients, to ensure that
+the host they connect to is a designated server.
The extended key usage should be encoded in oid notation, or
OpenSSL symbolic representation.
based on TLS rules.
This is a useful security option for clients, to ensure that
-the host they connect with is a designated server.
+the host they connect to is a designated server.
The
.B --remote-cert-tls client
" value should be given in hex format.\n"
"--remote-cert-eku oid : Require that the peer certificate was signed with\n"
" explicit extended key usage. Extended key usage can be encoded\n"
- " as on object identifier or OpenSSL string representation.\n"
+ " as an object identifier or OpenSSL string representation.\n"
"--remote-cert-tls t: Require that peer certificate was signed with explicit\n"
" key usage and extended key usage based on TLS rules.\n"
" t = 'client | 'server'.\n"
projects / thirdparty / openvpn.git / commitdiff
