From 8471ca5f8cf1c33184a66b447401ebb3633586a9 Mon Sep 17 00:00:00 2001
From: kev <vimagick@gmail.com>
Date: Wed, 29 Jun 2016 17:01:38 +0800
Subject: [PATCH] update ocserv

---
 ocserv/README.md | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/ocserv/README.md b/ocserv/README.md
index 46a67f6..6309811 100644
--- a/ocserv/README.md
+++ b/ocserv/README.md
@@ -1,6 +1,8 @@
 ocserv
 ======
 
+![](https://badge.imagelayers.io/vimagick/ocserv:latest.svg)
+
 [OpenConnect server][1] (ocserv) is an SSL VPN server. Its purpose is to be a
 secure, small, fast and configurable VPN server.
 
@@ -23,13 +25,42 @@ ocserv:
   restart: always
 ```
 
-> :warning: Please choose a strong password to protect VPN service.
+> - :warning: Please choose a strong password to protect VPN service.
+> - These environment variables are used to generate config files/keys.
+> - VPN accounts can be managed via [ocpasswd][2] command.
+> - You can edit the config file [/etc/ocserv/ocserv.conf][3], then restart service.
 
 ## up and running
 
 ```bash
 $ docker-compose up -d
+$ docker-compose exec ocserv bash
+>>> cd /etc/ocserv/
+>>> ocpasswd -c /etc/ocserv/ocpasswd username
+    Enter password: ******
+    Re-enter password: ******
+>>> exit
 $ docker cp ocserv_ocserv_1:/etc/ocserv/certs/client.p12 .
+$ docker-compose logs -f
+```
+
+## android client
+
+There are two auth types:
+
+- :-1: passwd: type everytime
+- :+1: certificate: import once
+
+```
+AnyConnect ->
+  Connection ->
+    Add New VPN Connection... ->
+      Advanced Preferences... ->
+        Certificate ->
+          Import ->
+            File System
 ```
 
 [1]: http://www.infradead.org/ocserv/
+[2]: http://www.gnutls.org/manual/html_node/certtool-Invocation.html
+[3]: http://www.infradead.org/ocserv/manual.html