build-key generating a error msg

Scripts to manage certificates or generate config files
Post Reply
GDGKYrrELhn
OpenVpn Newbie
Posts: 4
Joined: Thu May 07, 2020 1:23 pm

build-key generating a error msg

Post by GDGKYrrELhn » Thu May 07, 2020 1:57 pm

When I try to run the .bat file 'build-key' (under Windows 10) and build a certificate for a server, I get an error message "req: Option -config needs a value" two times and then a message "Could Not Find C:\*.Old" (which I tend to ignore). The .bat file suggests using the option -help for summary but that doesn't help me much.

I do have the 2.4.9.1601 version of the OpenVPN installation files installed on the machine and I have modified the command box's environment's variables path to include "c:\program file\openvpn;c:\program file\openvpn;bin;c:\program file\openvpn;easy-rsa" (before I was gettinng "could not locate openssl.exe' errors when I tried to run the .bat files).

Can anyone shed some light on what I am doing wrong?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 8136
Joined: Fri Jun 03, 2016 1:17 pm

Re: build-key generating a error msg

Post by TinCanTech » Thu May 07, 2020 2:30 pm


GDGKYrrELhn
OpenVpn Newbie
Posts: 4
Joined: Thu May 07, 2020 1:23 pm

Re: build-key generating a error msg

Post by GDGKYrrELhn » Sat May 09, 2020 12:42 am

I found all the files and instructions that was recommended and set up the EasyRSA-3. But things fell apart on "step 2" when I tried to './easyrsa build-ca'. The shell reported an error after I put in the CA Key Passphrase. I got the error "Extra arguments given." " Easy-RSA error: Failed create CA private key". I tried several passphrases (like several words with spaces, several words without spaces, just a single word), but they all gave the same error of 'extra arguments given'. Isn't there some way of getting more of an error message from these things?

Can anyone give me any help in this matter?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 8136
Joined: Fri Jun 03, 2016 1:17 pm

Re: build-key generating a error msg

Post by TinCanTech » Sat May 09, 2020 12:50 am

Try an earlier version of Easy-RSA-3 .. maybe try 305.

GDGKYrrELhn
OpenVpn Newbie
Posts: 4
Joined: Thu May 07, 2020 1:23 pm

Re: build-key generating a error msg

Post by GDGKYrrELhn » Sat May 09, 2020 11:13 pm

I took your advice and went back to the 305 version but found that there were a couple of little problems when generating a CA. During this generation, the batch file could not find a .rnd file that it was looking for (not a major problem), it couldn't find a support program 'stty' that it wanted during the input phase of the passphrase which (I think) resulted in the passphrase being echoed to the console screen. There were several other discrepancies that led me to the conclusion to try the next higher version to see if it was any better.

As it turns out, it might be better if I could get it to properly prepare the PKI environment. When I generate the shell and issue the 'easyrsa init-pki' command, the batch file returns and informs me that and PKI sub-directory has been created at a certain location and everything is ready to go. The only problem is, the sub-directory is not there; it's nowhere.

Now, I cannot believe that this team of experienced programmers published a complete version that has such a major flaw in it. I must be missing something. I have the "EasyRSA-v3.0.6" sub-directory located directory under "C:\Program Files\OpenVPN". The environmental variables for the shell are standard WIN10 with the exception that I added the "C:\Program Files\OpenVPN\bin" to the $Path string.

But I must have done something really wrong. Has anyone tried this version of EasyRSA and found a similar problem? Should I stick with version 305 and ignore the little errors that I thought were 'bad'?

GDGKYrrELhn
OpenVpn Newbie
Posts: 4
Joined: Thu May 07, 2020 1:23 pm

Re: build-key generating a error msg

Post by GDGKYrrELhn » Sun May 10, 2020 12:12 am

Sometimes, you really can solve some of your own problems. The sub-directory where EasyRSA resides has to be titled "EasyRSA" (without and versioning numbers). Then the program works like it is supposed to work. The program still has a problem finding a .rnd that seems to exist but can't be found, I'm going to keep on plugging.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 8136
Joined: Fri Jun 03, 2016 1:17 pm

Re: build-key generating a error msg

Post by TinCanTech » Sun May 10, 2020 12:37 am

At least you are diligent .. 8-)
GDGKYrrELhn wrote:
Sun May 10, 2020 12:12 am
The program still has a problem finding a .rnd that seems to exist but can't be found
Ignore this, it is a nothing burger
GDGKYrrELhn wrote:
Sun May 10, 2020 12:12 am
The sub-directory where EasyRSA resides has to be titled "EasyRSA" (without and versioning numbers). Then the program works like it is supposed to work.
Probably just some accidental installation step missed.

Post Reply