common-name AND username in env with username-as-common-name

This is where we can discuss what we would like to see added or changed in OpenVPN.

Post by egceberle » Thu Apr 02, 2015 7:54 am

Forum,

I have a multi-openvpn-server installation which uses two-factor authentication. All users have the same certificate but use their own usernames.
For this reason I have to use duplicate-cn (or username-as-common-name). A single authentication server authenticates all users for all openvpn servers.

Additionally I use the management interface to show the connection status on a web site.
However, the management interface only shows the common name but not the user name.
Because of this, I cannot show the connected user on that web site.

I tried to use username-as-common-name, the management interface then correctly shows the usernames of the connected users.

But that also rewrites the common-name variable in the environment for the --client-connect script.
In this constellation I cannot verify the certificate within the client-connect script (or any other script).

I would like to have the "original" certificate common-name in the environment for further checks.

Probably in a new variable "certificate_common_name" or "original_common_name"?

Thanks,
Christoph
