I’m trying to find out more about what protection does a certificate give. (RoS v 7.16.2)
Does ovpn on Mikrotik check anything other than weather the certificate is signed by a trusted CA?
For testing I’ve made a certificate, with key usage “tls client”, put it on the server and it worked. No field on the certificate is filled with anything that could make sense, but it still works.
I’ve checked, on the ovpn client (also a Mikrotik router) the “Verify server certificate” is checked.
In the on-up script maybe is possible to make some additional checks, but what data is passed to that script?
