This version of OpenVPN has mbed TLS support. To enable, follow the
instructions below:

To build and install,

	./configure --with-crypto-library=mbedtls
	make
	make install

This version requires mbed TLS version >= 2.0.0 or >= 3.2.1.

*************************************************************************

Due to limitations in the mbed TLS library, the following features are missing
in the mbed TLS version of OpenVPN:

 * PKCS#12 file support
 * --capath support - Loading certificate authorities from a directory
 * Windows CryptoAPI support
 * X.509 alternative username fields (must be "CN")

Plugin/Script features:

 * X.509 subject line has a different format than the OpenSSL subject line
 * X.509 certificate tracking

*************************************************************************

Mbed TLS 3 has implemented (parts of) the TLS 1.3 protocol, but we have disabled
support in OpenVPN because the TLS-Exporter function is not yet implemented.