[Bug 998918] Re: openvpn openssl.cnf file missing
eas
especkman at gmail.com
Sun May 26 20:50:21 UTC 2013
I spent a little time debugging this. I don't think it is a matter of a
missing config file.
When you 'source vars', one of the things that happens is this:
> # This variable should point to
> # the openssl.cnf file included
> # with easy-rsa.
> export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
If you look at whichopensslcnf, you see that the first section includes
logic for determining the correct config file to used based on the
OpenSSL version installed on the system.
On my system (12.04 lts), 'openssl version' produces the following
output:
> # openssl version
> OpenSSL 1.0.1 14 Mar 2012
Which, presumably, should generate a match in this code in
whichopensslcnf:
> elif $OPENSSL version | grep -E "1\.0\.([[:digit:]][[:alnum:]])" > /dev/null; then
> cnf="$1/openssl-1.0.0.cnf"
> else
> cnf="$1/openssl.cnf"
> fi
Instead it is falling through to the default value (tested by running
the grep command on its own) , which results in the output noted by
others above.
One workaround is to symlink openssl.cnf to the appropriate config file
mentioned above. The solution is to fix the pattern matching...
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/998918
Title:
openvpn openssl.cnf file missing
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/998918/+subscriptions
More information about the Ubuntu-server-bugs
mailing list