OpenVPN: don't generate dummy certificates (#521)

* Cedar: don't generate dummy certificate * hamcore: comment out <cert> and <key> in openvpn_sample.ovpn
2025-07-06 07:44:57 +03:00 · 2018-05-03 13:44:51 +02:00
parent 13cadf6492
commit 59c817e0fc
2 changed files with 22 additions and 79 deletions
--- a/src/bin/hamcore/openvpn_sample.ovpn
+++ b/src/bin/hamcore/openvpn_sample.ovpn
@ -100,6 +100,12 @@ persist-key
 persist-tun
 client
 verb 3
+
+###############################################################################
+# Authentication with credentials.
+# 
+# Comment the line out in case you want to use the certificate authentication.
+
 auth-user-pass


@ -117,21 +123,22 @@ $CA$


 ###############################################################################
-# The client certificate file (dummy).
+# Client certificate and key.
 # 
-# In some implementations of OpenVPN Client software
-# (for example: OpenVPN Client for iOS),
-# a pair of client certificate and private key must be included on the
-# configuration file due to the limitation of the client.
-# So this sample configuration file has a dummy pair of client certificate
-# and private key as follows.
-
-<cert>
-$CERT$
-</cert>
-
-<key>
-$KEY$
-</key>
+# A pair of client certificate and private key is required in case you want to
+# use the certificate authentication.
+# 
+# To enable it, uncomment the lines below.
+# Paste your certificate in the <cert> block and the key in the <key> one.

+;<cert>
+;-----BEGIN CERTIFICATE-----
+;
+;-----END CERTIFICATE-----
+;</cert>

+;<key>
+;-----BEGIN RSA PRIVATE KEY-----
+;
+;-----END RSA PRIVATE KEY-----
+;</key>