openvpn client with higher openssl version that cert generation

Scripts to manage certificates or generate config files
sdvpn
OpenVpn Newbie
Posts: 1
Joined: Thu Aug 10, 2017 2:59 am

openvpn client with higher openssl version that cert generation

Postby sdvpn » Thu Aug 10, 2017 3:10 am

Trying to run openvpn server on tomato router and connect with android openvpn client. It's not working, I've tried a few different things so I dont have the exact error in front of me now. But I believe the issue might be that the android openvpn client uses openssl 1.1.0f. But I generated the certificates using easy-rsa on ubuntu 16.04 which uses openssl 1.0.2g. Is that my problem? My router is using openvpn 1.0.2k.

I want to upgrade my easy-rsa scripts on ubuntu 16.04 so I could verify if that is my problem. So I pgraded openvpn and I upgraded openssl to 1.1.0f, but still the easy-rsa scripts point to old openssl. I am getting the error:

easyrsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /home/sd/easyrsa/openssl.cnf


I looked at the easy-rsa directory and see openssl-1.0.0.cnf but I don't see one for version 1.1.0. I also looked on the web and could not find such a file. So I must be on the wrong track. Maybe I went to far and should of just upgraded to openvpn 1.0.2k on ubuntu, might try that next. Or maybe I need to downgrade openvpn on android to something that uses openssl 1.0.2k. Too many things to try, any suggestions?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2708
Joined: Fri Jun 03, 2016 1:17 pm

Re: openvpn client with higher openssl version that cert generation

Postby TinCanTech » Thu Aug 10, 2017 8:16 pm



Return to “Cert / Config management”

Who is online

Users browsing this forum: No registered users and 1 guest