[122459] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: dns interceptors

daemon@ATHENA.MIT.EDU (Randy Bush)
Sun Feb 14 22:29:44 2010

Date: Mon, 15 Feb 2010 12:29:21 +0900
From: Randy Bush <randy@psg.com>
To: charles@knownelement.com
In-Reply-To: <538584784-1266203813-cardhu_decombobulator_blackberry.rim.net-839069026-@bda609.bisx.prod.on.blackberry>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

end user to network

having probs with certs, i.e. what --outform it wants.  not finding in
docs.  tried raw, but now guessing pem.  same for client and server

server
  ca.crt
  server.crt
  server.key

client
  ca.crt
  client.crt
  client.key

and i presume i have to dump all client.crt files in the server's
../openvpn dir, but under what names?  or does it just wantonly trust
anyone under that ca?

randy


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[122459] in North American Network Operators' Group

Re: dns interceptors

daemon@ATHENA.MIT.EDU (Randy Bush)Sun Feb 14 22:29:44 2010

daemon@ATHENA.MIT.EDU (Randy Bush)
Sun Feb 14 22:29:44 2010