From 1614923b1aa47245916c52a6e7623e5ac6593d03 Mon Sep 17 00:00:00 2001 From: Angristan Date: Tue, 8 Mar 2016 23:15:52 +0100 Subject: [PATCH] TLS 1.2 only --- openvpn-install.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 31a87c4..7e45a7a 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -231,6 +231,7 @@ cert server.crt key server.key dh dh.pem cipher AES-256-CBC +tls-version-min 1.2 topology subnet server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf @@ -358,8 +359,9 @@ nobind persist-key persist-tun remote-cert-tls server -comp-lzo -cipher AES-256-CBC" > /etc/openvpn/client-common.txt +cipher AES-256-CBC +tls-version-min 1.2 +comp-lzo" > /etc/openvpn/client-common.txt # Generates the custom client.ovpn newclient "$CLIENT" echo ""