openvpn/README.mbedtls
David Sommerseth ed0e79938e
docs: Replace all PolarSSL references to mbed TLS
There were references in our documentation to the now deprecated PolarSSL
library, which have changed name upstream to mbed TLS.

In addition, where appropriate, the documentation now considers only
mbed TLS 2.0 and newer.  This is in accordance with the requirements
./configure sets.

[DS: On-the-fly change - Updated Makefile.am to use README.mbedtls
     instead of README.polarssl. This ensures make dist and buildbots
     won't explode]

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20170822114715.14225-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15309.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
2017-09-06 23:42:55 +02:00

27 lines
788 B
Plaintext

This version of OpenVPN has mbed TLS support. To enable follow the following
instructions:
To Build and Install,
./configure --with-crypto-library=mbedtls
make
make install
This version depends on mbed TLS 2.0 (and requires at least 2.0.0).
*************************************************************************
Due to limitations in the mbed TLS library, the following features are missing
in the mbed TLS version of OpenVPN:
* PKCS#12 file support
* --capath support - Loading certificate authorities from a directory
* Windows CryptoAPI support
* X.509 alternative username fields (must be "CN")
Plugin/Script features:
* X.509 subject line has a different format than the OpenSSL subject line
* X.509 certificate export does not work
* X.509 certificate tracking