diff options
Diffstat (limited to 'openvpn/doc/openvpn.8')
-rw-r--r-- | openvpn/doc/openvpn.8 | 49 |
1 files changed, 46 insertions, 3 deletions
diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8 index 56be29ec..f586744e 100644 --- a/openvpn/doc/openvpn.8 +++ b/openvpn/doc/openvpn.8 @@ -2431,11 +2431,14 @@ be set to 127.0.0.1 server to local clients. .TP .B \-\-management-client -Management interface will connect as a TCP client to +Management interface will connect as a TCP/unix domain client to .B IP:port specified by .B \-\-management -rather than listen as a TCP server. +rather than listen as a TCP server or on a unix domain socket. + +If the client connection fails to connect or is disconnected, +a SIGTERM signal will be generated causing OpenVPN to quit. .\"********************************************************* .TP .B \-\-management-query-passwords @@ -2478,7 +2481,8 @@ command. .B \-\-management-signal Send SIGUSR1 signal to OpenVPN if management session disconnects. This is useful when you wish to disconnect an OpenVPN session on -user logoff. +user logoff. For --management-client this option is not needed since +a disconnect will always generate a SIGTERM. .\"********************************************************* .TP .B \-\-management-log-cache n @@ -3621,6 +3625,14 @@ would see nothing but random-looking data. .\"********************************************************* .TP +.B \-\-key-direction +Alternative way of specifying the optional direction parameter for the +.B \-\-tls-auth +and +.B \-\-secret +options. Useful when using inline files (See section on inline files). +.\"********************************************************* +.TP .B \-\-auth alg Authenticate packets with HMAC using message digest algorithm @@ -5901,6 +5913,37 @@ X509_1_C=KG .ft .fi .\"********************************************************* +.SH INLINE FILE SUPPORT +OpenVPN allows including files in the main configuration for the +.B \-\-ca, \-\-cert, \-\-dh, \-\-extra-certs, \-\-key, \-\-pkcs12, \-\-secret +and +.B \-\-tls-auth +options. + +Each inline file started by the line +.B <option> +and ended by the line +.B </option> + +Here is an example of an inline file usage + +.nf +.ft 3 +.in +4 +<cert> +-----BEGIN CERTIFICATE----- +[...] +-----END CERTIFICATE----- +</cert> +.in -4 +.ft +.fi + +When using the inline file feature with +.B \-\-pkcs12 +the inline file has to be base64 encoded. Encoding of a .p12 file into base64 can be done for example with OpenSSL by running +.B openssl base64 -in input.p12 + .SH SIGNALS .TP .B SIGHUP |