On Sat, 2014-07-26 at 21:54 +0100, Gareth Williams wrote: > Unfortunately, I'm getting the message below when I run the server in a > terminal with debugging enabled. > Does it mean anything to anyone? The lines that concern me are the ones > about obtaining the username. > ocserv[5011]: worker: xx.xxx.65.223:51482 worker-auth.c:397: cannot > obtain user from certificate DN: The given memory buffer is too short to > hold parameters. > ocserv[5011]: worker: xx.xxx.65.223:51482 worker-auth.c:765: cannot get > username ((null)) from certificate > The log is a bit cryptic and what it means is that you haven't set the cert-user-oid in the configuration file. Seeing your DN most probably you use the CN part as the username holder. If you don't set that ocserv assumes that the whole DN is the username and in your case it exceeds the username limit of 64 bytes. regards, Nikos
