removed the certificate[optional] auth type

doc/sample.config

@@ -29,6 +29,7 @@
 #auth = "pam"
 #auth = "pam[gid-min=1000]"
 auth = "plain[./sample.passwd]"
+#auth = "certificate"
 #auth = "radius[/etc/radiusclient/radiusclient.conf,groupconfig]"
 
 # Whether to enable seccomp/Linux namespaces worker isolation. That restricts the number of 
@@ -69,7 +70,7 @@ udp-port = 443
 # connections (i.e., without SSL/TLS unlike its TCP counterpart),
 # and uses it as the primary channel. That option cannot be
 # combined with certificate authentication.
-listen-clear-file = /var/run/ocserv-conn.socket
+#listen-clear-file = /var/run/ocserv-conn.socket
 
 # Stats report time. The number of seconds after which each
 # worker process will report its usage statistics (number of
@@ -134,13 +135,13 @@ server-key = ../tests/server-key.pem
 # The Certificate Authority that will be used to verify
 # client certificates (public keys) if certificate authentication
 # is set.
-#ca-cert = /path/to/ca.pem
+ca-cert = ../tests/ca.pem
 
 # The object identifier that will be used to read the user ID in the client 
 # certificate. The object identifier should be part of the certificate's DN
 # Useful OIDs are: 
 #  CN = 2.5.4.3, UID = 0.9.2342.19200300.100.1.1
-#cert-user-oid = 0.9.2342.19200300.100.1.1
+cert-user-oid = 0.9.2342.19200300.100.1.1
 
 # The object identifier that will be used to read the user group in the 
 # client  certificate. The object identifier should be part of the certificate's
@@ -370,7 +371,7 @@ no-route = 192.168.5.0/255.255.255.0
 # or the groupname.
 # The options allowed in the configuration files are dns, nbns,
 #  ipv?-network, ipv4-netmask, rx/tx-per-sec, iroute, route,
-#  net-priority, deny-roaming, no-udp, user-profile, require-cert, and cgroup.
+#  net-priority, deny-roaming, no-udp, user-profile, and cgroup.
 #
 # Note that the 'iroute' option allows to add routes on the server
 # based on a user or group. The syntax depends on the input accepted