``--cert file`` above). URI is supported only when built with OpenSSL 3.0
or later and any required providers are loaded. (See ``--cert`` for more details).
+--ns-cert-type type
+ **DEPRECATED** The ``--remote-cert-tls`` option should be used instead.
+ The option is still available since it can't be silently ignored and needs
+ updates to certificates and configs on both sides of the connection.
+ However it should not be used for new clients or servers. It depends on the
+ deprecated ``nsCertType`` certificate field.
+
+ Might not work depending on the TLS library used.
+
+ Will be removed in a future release.
+
--pkcs12 file
Specify a PKCS #12 file containing local private key, local certificate,
and root CA certificate. This option can be used instead of ``--ca``,
VPN tunnel security. Previously we claimed to have removed this in
OpenVPN 2.5, but this wasn't actually the case.
---ns-cert-type
- Removed in OpenVPN 2.5. The ``nsCertType`` field is no longer supported
- in recent SSL/TLS libraries. If your certificates does not include *key
- usage* and *extended key usage* fields, they must be upgraded and the
- ``--remote-cert-tls`` option should be used instead.
-
--prng
Removed in OpenVPN 2.6. We now always use the PRNG of the SSL library.
projects / thirdparty / openvpn.git / commitdiff
