Closed hadifarnoud closed 7 years ago
You can run with the '-v' opinion with docker and point the /etc/ocserv
to your host's path, and you can add / edit your own config file.
I have difficulty with CA. used this command:
docker run --name ocserv --privileged -p 443:443 -p 443:443/udp -e SRV_CN=my.test.com -e SRV_ORG="My Test" -e SRV_DAYS=365 -d tommylau/ocserv
I changed SRV_CN
to my domain name. but Cisco Anyconnect is still saying 'certificate does not match server name' and I can't connect.
You have to have a valid signed certificate from those authorities.
The one from command line is self-signed only.
thanks, I've followed this tutorial. it was a bit outdated but managed to fix the issues and now have valid certificate. maybe you can update your README and add support for Letsencrypt?
I'd love to, but it will be a little bit over what ocserv
can do, certificate should not be considered as part of it.
It could be nice to have that optional step. It makes your image super useful
a, pre, code, a:link, body { word-wrap: break-word !important; }
how can I add a valid certificate in order to get rid of 'untrusted server' errors?
what are Route and All proxy groups mean? does it mean you can exclude .cn domains from VPN?