summaryrefslogtreecommitdiff
path: root/app/openvpn/doc/openvpn.8
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2014-12-20 20:14:23 +0100
committerParménides GV <parmegv@sdf.org>2014-12-23 19:58:02 +0100
commitd6190becb1c48ee912b11a4206116d0fd4c90772 (patch)
tree1a8d7f85690ce56196855fa969e86b1e53d813f3 /app/openvpn/doc/openvpn.8
parentb1219330faf64b2cd4330d44390fdec137b659b7 (diff)
Update ics-openvpn to 1006
Diffstat (limited to 'app/openvpn/doc/openvpn.8')
-rw-r--r--app/openvpn/doc/openvpn.827
1 files changed, 9 insertions, 18 deletions
diff --git a/app/openvpn/doc/openvpn.8 b/app/openvpn/doc/openvpn.8
index f2911c0e..532eda5c 100644
--- a/app/openvpn/doc/openvpn.8
+++ b/app/openvpn/doc/openvpn.8
@@ -1437,6 +1437,7 @@ Currently defaults to 100.
Limit bandwidth of outgoing tunnel data to
.B n
bytes per second on the TCP/UDP port.
+Note that this will only work if mode is set to p2p.
If you want to limit the bandwidth
in both directions, use this option on both peers.
@@ -4330,6 +4331,11 @@ and version is not recognized, we will only accept the highest TLS
version supported by the local SSL implementation.
.\"*********************************************************
.TP
+.B \-\-tls-version-max version
+Set the maximum TLS version we will use (default is the highest version
+supported). Examples for version include "1.0", "1.1", or "1.2".
+.\"*********************************************************
+.TP
.B \-\-pkcs12 file
Specify a PKCS #12 file containing local private key,
local certificate, and root CA certificate.
@@ -4603,26 +4609,11 @@ bearing an incorrect HMAC signature can be dropped immediately without
response.
.B file
-(required) is a key file which can be in one of two formats:
-
-.B (1)
-An OpenVPN static key file generated by
+(required) is a file in OpenVPN static key format which can be generated by
.B \-\-genkey
-(required if
-.B direction
-parameter is used).
-
-.B (2)
-A freeform passphrase file. In this case the HMAC key will
-be derived by taking a secure hash of this file, similar to
-the
-.BR md5sum (1)
-or
-.BR sha1sum (1)
-commands.
-OpenVPN will first try format (1), and if the file fails to parse as
-a static key file, format (2) will be used.
+Older versions (up to 2.3) supported a freeform passphrase file.
+This is no longer supported in newer versions (2.4+).
See the
.B \-\-secret