[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Problem for set a CA key

  • Subject: [Openvpn-users] Problem for set a CA key
  • From: Bruno Sampayo <bruno@xxxxxxxxxxxxxx>
  • Date: Mon, 09 Apr 2007 18:47:22 -0300

Hey List,
  I'm following this official howto from openvpn.net:

Everything is running fine with a static.key, but when I try to make a 
CA keys following this step form the howto: (Setting up your own 
Certificate Authority (CA) and generating certificates and keys for an 
OpenVPN server and multiple clients).

I set the vars with these options:

# easy-rsa parameter settings

# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.

# This variable should point to
# the top level of the easy-rsa
# tree.
export D=`pwd`

# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=$D/openssl.cnf

# Edit this variable to point to
# your soon-to-be-created key
# directory.
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR=$D/keys

# Issue rm -rf warning
echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR

# Increase this to 2048 if you
# are paranoid.  This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=1024

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_ORG="OpenVPN"
export KEY_EMAIL="bruno@xxxxxxxxxxxxxx"

Accurately in this step on howto I got this status:

"Next, initialize the PKI. On Linux/BSD/Unix:"

    *. ./vars
      debian:/etc/openvpn/easy-rsa# ./vars 
      NOTE: when you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys


      debian:/etc/openvpn/easy-rsa# ./clean-all 
      you must define KEY_DIR


*	debian:/etc/openvpn/easy-rsa# ./build-ca *
	you must define KEY_DIR**

    Could someone help me with this problem? I thought that I configure 
it on vars config.?

Operational system = Debian Sarge

debian:/etc/openvpn/easy-rsa# uname -a
Linux debian 2.6.8-1-386 #1 Thu Nov 11 12:18:43 EST 2004 i686 GNU/Linux

#openvpn --version
OpenVPN 2.0 i386-pc-linux [SSL] [LZO] [EPOLL] built on Jan  7 2007
Developed by James Yonan
Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@xxxxxxxxxxx>

Thanks for help,
Bruno Sampayo

Bruno Sampayo <bruno@xxxxxxxxxxxxxx>
Tel.: +55(011) 50973005
Samurai Projetos Especiais

OpenVPN mailing lists