ocserv 0.11.3

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Wed Jun 15 23:53:01 PDT 2016

  I've released ocserv 0.11.3. This is a bug fix and minor feature
update release in the 0.11.x branch.

* Version 0.11.3 (released 2016-06-16)
- ocserv: added '/cert.pem' and '/cert.cer' HTTP handlers. These
  provide the server's certificate as PEM and DER files.
- ocserv: added '/ca.pem' and '/ca.cer' HTTP handlers. These provide
  the server's CA certificate as PEM and DER files. The handlers work
  only if the CA is part of the server's certificate chain.
- ocserv: use the same work around for openconnect v3 clients in
  earlier versions. This allows very old openconnect clients to connect
  to ocserv. Addresses issue #51.
- ocserv: added the host-update-script config option. This option
  allows to specify a script to run once the hostname of the connected
  user is known.
- ocserv-fw: fixed to correctly apply the rules in the forward chain.
  Report and fix by Lance LeFlore.
- occtl: Corrected the printing of cookie last modification time.
- occtl: Print the user's cookie on occtl show user cmd.

The current release is available at:

The VPN server's web-site is at:


More information about the openconnect-devel mailing list