X-Git-Url: https://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=README.eap-tls;h=7895b2b2eaa15c53f70aeca06f52f7dd9c92d4b6;hp=bc1066ed0436db585c5561b8efab9a51437afc40;hb=HEAD;hpb=b2a4275ba78b07a4e47dcefb8c9bf2fd8456184a diff --git a/README.eap-tls b/README.eap-tls index bc1066e..025dcfd 100644 --- a/README.eap-tls +++ b/README.eap-tls @@ -17,9 +17,11 @@ EAP-TLS authentication support for PPP mechanism. It also provides optional encryption using the MPPE protocol. - This patch provide EAP-TLS support to pppd. - This authentication method can be used in both client or server - mode. + EAP-TLS support is included in pppd, and is enabled or disabled + at configure time by using the --enable-eaptls and --disable-eaptls + arguments to ./configure. + + This authentication method can be used in both client and server mode. 2. Building @@ -134,6 +136,9 @@ EAP-TLS authentication support for PPP key Use the client private key found in in PEM format or in engine:engine_id format + pkcs12 + Use a pkcs12 envelope as a substitute for cert and key. A password may be + required to use this file. crl Use the Certificate Revocation List (CRL) file in PEM format. crl-dir @@ -147,7 +152,9 @@ EAP-TLS authentication support for PPP max-tls-version <1.0|1.1|1.2 (default)|1.3> Specify the maximum TLS protocol version to negotiate with peers. Defaults to TLSv1.2 as the TLSv1.3 code is experimental. - verify-tls-peer + tls-verify-key-usage + Validate certificate purpose and extended key usage + tls-verify-method Compare the remotename against the subject, certificate name, or match by suffix. Default is 'name'.