OpenVPN/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2025-06-27 06:13:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
openvpn/doc/man-sections/unsupported-options.rst
Gianmarco De Gregori 802fcce544 Persist-key: enable persist-key option by default 
Change the default behavior of the OpenVPN configuration
by enabling the persist-key option by default.

This means that all the keys will be kept in memory
across restart.

Trac: #1405
Change-Id: I57f1c2ed42bd9dfd43577238749a9b7f4c1419ff
Signed-off-by: Gianmarco De Gregori <gianmarco@mandelbit.com>
Message-Id: <20240307140355.32644-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28347.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2024-03-07 15:06:36 +01:00

47 lines
1.7 KiB
ReStructuredText
Raw Blame History

UNSUPPORTED OPTIONS
===================
Options listed in this section have been removed from OpenVPN and are no
longer supported
--client-cert-not-required
Removed in OpenVPN 2.5. This should be replaxed with
``--verify-client-cert none``.
--ifconfig-pool-linear
Removed in OpenVPN 2.5. This should be replaced with ``--topology p2p``.
--key-method
Removed in OpenVPN 2.5. This option should not be used, as using the old
``key-method`` weakens the VPN tunnel security. The old ``key-method``
was also only needed when the remote side was older than OpenVPN 2.0.
--management-client-pf
Removed in OpenVPN 2.6. The built-in packet filtering (pf) functionality
has been removed.
--ncp-disable
Removed in OpenVPN 2.6. This option mainly served a role as debug option
when NCP was first introduced. It should no longer be necessary.
--no-iv
Removed in OpenVPN 2.5. This option should not be used as it weakens the
VPN tunnel security. This has been a NOOP option since OpenVPN 2.4.
--no-replay
Removed in OpenVPN 2.7. This option should not be used as it weakens the
VPN tunnel security. Previously we claimed to have removed this in
OpenVPN 2.5, but this wasn't actually the case.
--ns-cert-type
Removed in OpenVPN 2.5. The ``nsCertType`` field is no longer supported
in recent SSL/TLS libraries. If your certificates does not include *key
usage* and *extended key usage* fields, they must be upgraded and the
``--remote-cert-tls`` option should be used instead.
--prng
Removed in OpenVPN 2.6. We now always use the PRNG of the SSL library.
--persist-key
Ignored since OpenVPN 2.7. Keys are now always persisted across restarts.
Reference in New Issue View Git Blame Copy Permalink