From 6606883665a00589027ad570dad2cdf3082c761f Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 7 Feb 2013 18:26:40 +0100
Subject: [PATCH] updated readme

---
 README            | 5 +++++
 src/sample.config | 5 +++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/README b/README
index 64e1e29d..a18e3f9f 100644
--- a/README
+++ b/README
@@ -3,6 +3,11 @@ To build from the git repository use:
 $ autoreconf -fvi
 $ ./configure && make
 
+Now you need to generate a certificate. E.g.
+$ certtool --generate-privkey > ./test-key.pem
+$ certtool --generate-self-signed --load-privkey test-key.pem --outfile test-cert.pem
+(make sure you enable encryption or signing)
+
 To run the server edit the src/sample.config and then run:
 # src/ocserv -f -c src/sample.config
 
diff --git a/src/sample.config b/src/sample.config
index cf45fa5a..d4a1e29a 100644
--- a/src/sample.config
+++ b/src/sample.config
@@ -1,6 +1,7 @@
 # User authentication method. Could be set multiple times and in that case
 # all should succeed.
 # Options: certificate, pam. 
+#auth = certificate
 auth = "pam"
 
 # UTMP
@@ -25,8 +26,8 @@ udp-port = 3333
 keepalive = 90
 
 # The key and the certificates of the server
-server-cert = /home/nmav/cvs/ocserv/test.pem
-server-key = /home/nmav/cvs/ocserv/test.pem
+server-cert = ./test-cert.pem
+server-key = ./test-key.pem
 
 # The Certificate Authority that will be used
 # to verify clients if certificate authentication