Am 09.04.19 um 16:34 schrieb Michal Soltys: > The man page states that when using --capath, the user is required to > provide CRLs for CAs. This is not true and providing CRLs is optional - > both in case of --capath as well as --crl-verify options. When relevant > CRL is not found OpenVPN simply logs the warning in the logs while > allowing the connection, e.g.:
I cannot get my OpenVPN to fail without CRLs, so it might be change in OpenSSL or OpenVPN but this patch changes to documentation to reflect current behaviour, so Acked-By: Arne Schwabe <a...@rfc2549.org>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel