upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-02-03 20:39:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
openvpn/sample
History
Gert Doering 8af210e49a Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 
Since commit bd9aa06feb (Jan 2015) OpenVPN has allowed to use
'--dh none' to disable traditional Diffie Hellman, since more secure
ECDH algorithms are available that do not use explicit DH parameters.

If configured with a suffiently high securelevel (3+), or if running in
FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests
fail.

Thus, remove all the DH2048 stuff from our sample configs.

Github: triggered by OpenVPN/openvpn#819

Change-Id: If66438662bd862a195b2a69c4fa45f63838982b7
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250820175459.11227-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32632.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 2d73540316)
2025-08-20 23:11:53 +02:00
..
sample-config-files Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 2025-08-20 23:11:53 +02:00
sample-keys Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 2025-08-20 23:11:53 +02:00
sample-plugins Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 2025-08-20 23:11:53 +02:00
sample-scripts Add example script demonstrating TOTP via auth-pending 2022-09-11 22:32:26 +02:00
sample-windows Implement --genkey type keyfile syntax and migrate tls-crypt-v2 2019-07-05 12:32:49 +02:00
Makefile.am Update Copyright statements to 2024 2024-03-18 18:49:36 +01:00