Convert to prompt=no, with per cert config files. This avoids all
interaction with the user. The main point to note is that for the clients, there is a localnode.cnf and a ronnode.cnf. The difference is that I encode the type (pcron) in one of the extra fields so that tmcd can do a check on it. This is in lieu of per client certs, which would be a big pain in the butt right now. As we add other remote groups, we will create new config files. I bet this will change over time, as we learn more. Chad, it would be nice the tiptunnel cert could be generated from this setup.
Showing with 223 additions and 287 deletions