I have been trying to set up OpenVPN on my fresh installation of Ubuntu Server 12.04. Following the instructions on https://help.ubuntu.com/12.04/server...nvpn-pki-setup I kept running into the errors when attempting to execute:
Code:
Nicholas@server:/etc/openvpn/easy-rsa$ source vars
**************************************************************
No /etc/openvpn/easy-rsa/openssl.cnf file could be found
Further invocations will fail
**************************************************************
I'll be the first to admit I'm a relative n00b when it comes to the CLI so this explanation may seem obvious to some but I figure there will probably be others like me with a similar issue. This took me several hours to figure out and I hope I'll be able to save someone this trouble.
I noticed there were several versions of openssl.cnf in the directory. Running I determined my version was 1.0.1 so modified the following line in the vars file to the closest match:
Code:
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=`$EASY_RSA/openssl-1.0.0.cnf $EASY_RSA`
This ended up giving me a new error:
Code:
Nicholas@server:/etc/openvpn/easy-rsa$ source vars
-bash: /etc/openvpn/easy-rsa/openssl-1.0.0.cnf: Permission denied
I should note that I ran
Code:
chown -R Nicholas /etc/openvpn/easy-rsa/
after copying the easy-rsa folder to /etc/openvpn/ in order to avoid the need for sudo all the time.
At this point I tried many different methods for trying to get past this error including allowing the openssl-1.0.0.cnf file to be executable, running the command with sudo. Nothing worked. I had almost given up and was going to generate the CA and related files using my client laptop running Windows 7 when I noticed that in the Windows version, part of the vars file was different.
Modifying the vars file on my server to remove the single quotes and the second $EASY_RSA reference allowed the source vars command to complete successfully and I was able to continue the setup without incident.
Code:
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=$EASY_RSA/openssl-1.0.0.cnf #<-This format works
Bookmarks