Skip to content
This repository has been archived by the owner on Sep 29, 2024. It is now read-only.

CA is always required for OpenVPN client #26

Closed
ghost opened this issue Oct 5, 2018 · 0 comments
Closed

CA is always required for OpenVPN client #26

ghost opened this issue Oct 5, 2018 · 0 comments
Assignees
@keeshux
Labels
bug Something isn't working
Milestone
1.1.1

Comments

@ghost
Copy link

ghost commented Oct 5, 2018

https://github.com/keeshux/tunnelkit/blob/d0a46fe20e536571ea83625f8ef6437fa53161f2/TunnelKit/Sources/Core/TLSBox.m#L118

The official OpenVPN client requires a CA to be set in the client configuration file. Without setting a CA the OpenVPN client gives an error and refuses to even try to connect.

  1. The CA certificate MUST be always set in the client configuration, no reason to have an if for this;
  2. The server certificate sent by the VPN server when establishing the TLS channel MUST be verified to be signed by this CA.
@keeshux keeshux modified the milestones: 1.1.0, 1.1.1 Oct 5, 2018
@keeshux keeshux added the bug Something isn't working label Oct 5, 2018
@keeshux keeshux self-assigned this Oct 5, 2018
@keeshux keeshux mentioned this issue Oct 5, 2018
Merged
keeshux added a commit that referenced this issue Oct 6, 2018
@keeshux
Make CA non-optional
0937745 
Fix up nullability qualifiers in TLSBox.

Fixes #26
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@keeshux keeshux

Labels
bug Something isn't working
Projects
None yet
Milestone
1.1.1
Development

No branches or pull requests
1 participant
@keeshux