From: Robert Fischer Date: Thu, 21 Apr 2011 20:55:52 +0000 (+0200) Subject: Documented --x509-username-field option X-Git-Tag: v2.2.1~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a599b7f62998de9502e23b3ca79e88d12089486b;p=thirdparty%2Fopenvpn.git Documented --x509-username-field option Also fixed a typo in the --help screen. Signed-off-by: Robert Fischer Acked-by: David Sommerseth Signed-off-by: David Sommerseth (cherry picked from commit ca8af756c52ab7a4aecb857f60d6124e58458f0a) --- diff --git a/openvpn.8 b/openvpn.8 index 64445583e..428233f49 100644 --- a/openvpn.8 +++ b/openvpn.8 @@ -4356,6 +4356,14 @@ the tls-verify script returns. The file name used for the certificate is available via the peer_cert environment variable. .\"********************************************************* .TP +.B \-\-x509-username-field fieldname +Field in x509 certificate subject to be used as username (default=CN). +.B Fieldname +will be uppercased before matching. When this option is used, the +--tls-remote option will match against the chosen fieldname instead +of the CN. +.\"********************************************************* +.TP .B \-\-tls-remote name Accept connections only from a host with X509 name or common name equal to diff --git a/options.c b/options.c index 4a11f53e8..7a5e35d66 100644 --- a/options.c +++ b/options.c @@ -508,7 +508,7 @@ static const char usage_message[] = "--pkcs12 file : PKCS#12 file containing local private key, local certificate\n" " and optionally the root CA certificate.\n" #ifdef ENABLE_X509ALTUSERNAME - "--x509-username-field : Field used in x509 certificat to be username.\n" + "--x509-username-field : Field used in x509 certificate to be username.\n" " Default is CN.\n" #endif #ifdef WIN32