What exists in /usr/share/openvpn/easy-rsa/2.0/keys? If you did a
clean-all, then you will be missing some important files (most especially
the ca.key file, but also some others such as the index and serial files)
If that's the case, you will most likely need to start over from a new CA.
(one thing I always do, after getting a CA set up, is edit the clean-all
to make it less dangerous, otherwise it just feels like I'm leaving primed
explosives laying around in case I decide I want to use them... best to
keep them locked away.)
-Joe
On Mon, Jan 20, 2014 at 8:39 AM, Johan Vermeulen
<jvermeu...@cawdekempen.be>wrote:
> Dear All,
>
> since a long time we have an Openvpn-server, now on Centos6,
> originaly setup on OpenSuse
>
> [root@caw-server1 2.0]# rpm -qa openvpn
> openvpn-2.3.1-3.el6.x86_64
>
> It is very reliable, and my only activity on it, is generate new client
> keys.
>
> Not sure what happened -- a ./clean-all could have been run on it -- but
> since last week, I'm unable to generate new client keys.
>
> [root@caw-server1 2.0]# source ./vars
> NOTE: If you run ./clean-all, I will be doing a rm -rf on
> /usr/share/openvpn/easy-rsa/2.0/keys
> [root@caw-server1 2.0]# ./build-key testjohan
> pkitool: Need a readable ca.crt and ca.key in
> /usr/share/openvpn/easy-rsa/2.0/keys
> Try pkitool --initca to build a root certificate/key.
>
> The EM is straightforward enough, but I'm unsure on how to proceed.
>
> As far as I can tell the important files are in /etc/pki/tls/certs/ :
> [root@caw-server1 certs]# ls
> ca-bundle.crt ca-bundle.trust.crt ca.pem make-dummy-cert Makefile
> servercert.pem serverkey.pem slapd.pem
>
> as is reflected in /etc/openvpn/server.conf :
>
> ca /etc/pki/tls/certs/ca.pem
> cert /etc/pki/tls/certs/servercert.pem
> key /etc/pki/tls/certs/serverkey.pem
>
> but copying / renaming them did not solve the issue.
>
> Can anyone offer some advise on this?
>
> Many thanks, J.
>
> --
> Johan Vermeulen
> IT-medewerker
>
> Powered by Linux.
>
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
