diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-s2s-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/openvpns2s mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/openvpns2s
--- smeserver-openvpn-s2s-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/openvpns2s	2010-10-17 16:10:14.000000000 +0200
+++ mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/openvpns2s	2010-10-17 16:09:42.000000000 +0200
@@ -44,8 +44,71 @@
         <trans>Status</trans>
     </entry>
     <entry>
+        <base>DESC_AUTH</base>
+        <trans>
+            <![CDATA[Choose the authentication mechanism.<br>
+            Shared Key is simple to configure because you don't need to create and manage a PKI. 
+            You just need to create a secret key, and and configure it on both side.<br>
+            TLS authentication is a bit harder to configure, as you'll need to manage a PKI, but
+            provide a better level of security (like the Perfect Forward Secrecy).<br>
+            If you don't care about the extra security provided by TLS, you should choose Shared Key here.]]>
+        </trans>
+    </entry>
+    <entry>
+        <base>LABEL_AUTH</base>
+        <trans>Authentication mechanism</trans>
+    </entry>
+    <entry>
+        <base>DESC_CONFIGURE_CERT</base>
+        <trans>This page lets you configure the authentication of this daemon</trans>
+    </entry>
+    <entry>
+        <base>DESC_CRL_URL</base>
+        <trans>
+           You can enter an URL where the CRL can be find. Your SME Server will update the CRL every hour 
+           and check if the certificate of the remote endpoint is not revoked. If you don't wan't to use 
+           the CRL verification , just let this field emtpy.
+        </trans>
+    </entry>
+    <entry>
+        <base>LABEL_CRL_URL</base>
+        <trans>CRL update URL</trans>
+    </entry>
+    <entry>
+        <base>DESC_CA_PEM</base>
+        <trans>Enter the authoritative certificate in pem format</trans>
+    </entry>
+    <entry>
+        <base>LABEL_CA_PEM</base>
+        <trans>Authoritative certificate</trans>
+    </entry>
+    <entry>
+        <base>DESC_CRT_PEM</base>
+        <trans>Enter the certificate in pem format</trans>
+    </entry>
+    <entry>
+        <base>LABEL_CRT_PEM</base>
+        <trans>Enter the certificate in pem format</trans>
+    </entry>
+    <entry>
         <base>DESC_REMOTE_HOST</base>
-        <trans>Enter the hostname or IP of the remote server</trans>
+        <trans>Certificate</trans>
+    </entry>
+    <entry>
+        <base>DESC_KEY_PEM</base>
+        <trans>Enter the private key in pem format</trans>
+    </entry>
+    <entry>
+        <base>LABEL_KEY_PEM</base>
+        <trans>Private key</trans>
+    </entry>
+    <entry>
+        <base>DESC_DH_PEM</base>
+        <trans>Enter Diffie-Hellman parameters</trans>
+    </entry>
+    <entry>
+        <base>LABEL_DH_PEM</base>
+        <trans>Diffie-Hellman parameters</trans>
     </entry>
     <entry>
         <base>LABEL_REMOTE_HOST</base>
@@ -102,9 +165,19 @@
         </trans>
     </entry>
     <entry>
+        <base>DESC_SHARED_KEY_TLS</base>
+        <trans>
+            <![CDATA[You can enter here a optional secret key.<br>
+            It will provide an extra security layer to your server.<br>
+            You can create keys using this command: openvpn --genkey --secret /dev/stdout<br>
+            This key should be kept secret, and only be stored on the client and the server.]]>
+        </trans>
+    </entry>
+    <entry>
         <base>LABEL_SHARED_KEY</base>
-        <trans>Secret key</trans>
+        <trans>Shared key</trans>
     </entry>
+
     <entry>
         <base>DESC_ADD_SERVER_PAGE</base>
         <trans>This page lets you configure a new daemon acting as a server</trans>