Hello,
I'm having difficulty figuring out how to have easyrsa create a signed certificate for my private key.
I've run the following commands
./easyrsa init-pki
./easyrsa gen-req myclient
However the next step should be to create a certificate .crt for the .key that was created, but I'm not understanding the instructions on how to do so.
This is the example given.
./easyrsa sign client UNIQUE_SHORT_FILE_NAME
But this is the error when I try to run it.
-----------------------------------------------------------------------------------------
root@lede:/etc/openvpn# /usr/sbin/easyrsa sign-req client myclient
Easy-RSA error:
Unknown cert type 'client'
----------------------------------------------------------------------------------------
Any ideas of what I could be doing wrong?
*EDIT*
I'm creating client keys for my OpenWrt router to connect, AS A CLIENT, to a OpenVPN server. I've been trying to use these instructions. https://community.openvpn.net/openvpn/w ... nVPN-Howto
easyrsa sign-req
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: easyrsa sign-req
That is a documentation error because the correct command is:backspin wrote:This is the example given.
./easyrsa sign client UNIQUE_SHORT_FILE_NAME
Code: Select all
./easyrsa sign-req client UNIQUE_SHORT_FILE_NAME
I expect you are using an older version of easyrsa3.
Also, there is a bug related to what you are seeing:
https://github.com/OpenVPN/easy-rsa/issues/145