[Bug 998918] Re: openvpn openssl.cnf file missing

Paul Renzulli 998918 at bugs.launchpad.net
Tue May 22 03:14:13 UTC 2012 

I hope this helps clarify things. Below are the instructions on how to
set up an openvpn server from the ubuntu help page (ill keep them brief)
located here - https://help.ubuntu.com/community/OpenVPN.

Following the instructions are my results.

Create the CA:

cd /etc/openvpn/easy-rsa/ ## move to the easy-rsa directory
sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/  
sudo chmod g+w . ## make this directory writable by the system administrators
source ./vars ## execute your new vars file
./clean-all  ## Setup the easy-rsa directory (Deletes all keys)
./build-dh  ## takes a while consider backgrounding
./pkitool --initca ## creates ca cert and key
./pkitool --server server ## creates a server cert and key
cd keys
openvpn --genkey --secret ta.key  ## Build a TLS key
sudo cp server.crt server.key ca.crt dh1024.pem ta.key ../../


Results:

Using CA Common Name: changeme
grep: /etc/openvpn/easy-rsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x
username at vpnserver001:/etc/openvpn/easy-rsa$ ./pkitool --server server
Using Common Name: changeme
grep: /etc/openvpn/easy-rsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x
username at vpnserver001:/etc/openvpn/easy-rsa$ cd keys
username at vpnserver001:/etc/openvpn/easy-rsa/keys$ openvpn --genkey --secret ta.key
username at vpnserver001:/etc/openvpn/easy-rsa/keys$ sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/
cp: cannot stat `server.crt': No such file or directory
cp: cannot stat `server.key': No such file or directory
cp: cannot stat `ca.crt': No such file or directory

 I am running the above commands on Ubuntu 12.04 64Bit, I installed
Ubuntu using the Alternative install.

I appreciate everything that everyone here does to make Ubuntu what it
is. Getting this problem fixed is going to allow me to fully migrate
over to 12.04. Let me know if I can be of any assistance.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/998918

Title:
  openvpn  openssl.cnf file missing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/998918/+subscriptions

More information about the Ubuntu-server-bugs mailing list