Message ID | 20190201204348.22326-1-openvpn-devel=lists.sourceforge.net@thomas.quinot.org |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] Fix documentation of tls-verify script argument | expand |
Hi, On 01-02-19 21:43, openvpn-devel=lists.sourceforge.net@thomas.quinot.org wrote: > From: Thomas Quinot <quinot@adacore.com> > > The second argument is the entire subject DN, not just the CN. > --- > doc/openvpn.8 | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/doc/openvpn.8 b/doc/openvpn.8 > index 7abcaf1e..f80393ee 100644 > --- a/doc/openvpn.8 > +++ b/doc/openvpn.8 > @@ -5448,7 +5448,7 @@ is executed two arguments are appended after any arguments specified in > .B cmd certificate_depth subject > > These arguments are, respectively, the current certificate depth and > -the X509 common name (cn) of the peer. > +the X509 subject distinguished name (dn) of the peer. > > This feature is useful if the peer you want to trust has a certificate > which was signed by a certificate authority who also signed many > This is indeed what we do. Thanks for the fix. Acked-by: Steffan Karger <steffan@karger.me> -Steffan
Your patch has been applied to the master and release/2.4 branch. Thanks. commit a35d517f4893b3967783ad7926a7edd08f9f59d3 (master) commit 4e36eb913dfe5b4e4d9c0c0637f480c5b9f63e33 (release/2.4) Author: Thomas Quinot Date: Fri Feb 1 21:43:48 2019 +0100 Fix documentation of tls-verify script argument Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <20190201204348.22326-1-openvpn-devel=lists.sourceforge.net@thomas.quinot.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18195.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 7abcaf1e..f80393ee 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -5448,7 +5448,7 @@ is executed two arguments are appended after any arguments specified in .B cmd certificate_depth subject These arguments are, respectively, the current certificate depth and -the X509 common name (cn) of the peer. +the X509 subject distinguished name (dn) of the peer. This feature is useful if the peer you want to trust has a certificate which was signed by a certificate authority who also signed many
From: Thomas Quinot <quinot@adacore.com> The second argument is the entire subject DN, not just the CN. --- doc/openvpn.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)