|
|
Both ends are winXP-SP2, OpenVPN v2.1RC1. I have two certificates issued by my own root CA (by means of ./easy-rsa). One certificate is intended for OpenVPN and resides on my eToken, another is intended for WPA2-Enterprize WiFi EAP-TLS. Since the "Wireless Zero Configuration" is lame, my WiFi cert is stored in the windows registry. The token used is Aladdin's USB eToken PRO, RTE v3.65. My client.ovpn has my OpenVPN cert signature: ca ca.crt cryptoapicert "THUMB:5a 74 7b 2d 58 c2 d0..." Suddenly I discovered that I do not need my eToken connected! I'm getting authenticated with my WiFi cert! I did not see anything wrong before because I always was connecting to my server *AFTER* I attached the token. Today I forgot to attach the token and this weird behaviour finaly surfaced... Interestingly, if a token is attached and I do not enter it's PIN into Aladdin's pop-up - the OpenVPN connection fails. This is what has masked the cryptoapicert bug all this time... Besides, I seem to recall that some (or even all) previous version[s] did not behave like that - it was "No token - no connection" still with the WiFi cert available in the registry store. -- Tony. ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |