[Bug 231199] Re: revoke-full fails
Thierry Carrez
thierry.carrez at canonical.com
Mon Jul 21 14:14:20 BST 2008
We are not using PKCS#11, and the "pkcs11 = pkcs11_section" line in
openssl.cnf is properly commented out. The problem is that openssl
doesn't just ignore the [ pkcs11_section ]: it still parses its
configuration lines and MODULE_PATH = $ENV::PKCS11_MODULE_PATH results
in an undefined variable :
----------------
# If you are using PKCS#11
# Install engine_pkcs11 of opensc (www.opensc.org)
# And uncomment the following
# verify that dynamic_path points to the correct location
#
#pkcs11 = pkcs11_section
[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /usr/lib/engines/engine_pkcs11.so
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
----------------------
The solution is to comment those lines or implement PKCS#11 support in
openvpn and fix those lines accordingly.
** Changed in: openvpn (Ubuntu)
Importance: Undecided => Low
Status: New => Confirmed
--
revoke-full fails
https://bugs.launchpad.net/bugs/231199
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in ubuntu.
More information about the Ubuntu-server-bugs
mailing list