Setup Certificate Authority

Support forum for Easy-RSA certificate management suite.
Post Reply
radiofred
OpenVpn Newbie
Posts: 3
Joined: Wed Apr 10, 2019 8:12 pm

Setup Certificate Authority

Post by radiofred » Wed Apr 10, 2019 8:42 pm

We are working our way line by line through the how-to .. up to Step 5, Setup Certificate Authority .. we were unable to cd to /etc/openvpn/openvpn-ca. We found a way to edit the vars file in spite of that, by doing $ sudo vim /etc/openvpn/openvpn-ca/vars

but we are now unable to $ source vars.

--can't cd to /etc/openvpn/openvpn-ca--
$ cd /etc/openvpn/openvpn-ca
-bash: cd: /etc/openvpn/openvpn-ca: Permission denied
...
:/etc/openvpn$ sudo cd /etc/openvpn/openvpn-ca
sudo: cd: command not found
:/etc/openvpn$

--we can, however, list the directory--
:/etc/openvpn$ sudo ls -l openvpn-ca
total 36
lrwxrwxrwx 1 root root 28 Apr 10 14:51 build-ca -> /usr/share/easy-rsa/build-ca
lrwxrwxrwx 1 root root 28 Apr 10 14:51 build-dh -> /usr/share/easy-rsa/build-dh
lrwxrwxrwx 1 root root 31 Apr 10 14:51 build-inter -> /usr/share/easy-rsa/build-inter
lrwxrwxrwx 1 root root 29 Apr 10 14:51 build-key -> /usr/share/easy-rsa/build-key
lrwxrwxrwx 1 root root 34 Apr 10 14:51 build-key-pass -> /usr/share/easy-rsa/build-key-pass
lrwxrwxrwx 1 root root 36 Apr 10 14:51 build-key-pkcs12 -> /usr/share/easy-rsa/build-key-pkcs12
lrwxrwxrwx 1 root root 36 Apr 10 14:51 build-key-server -> /usr/share/easy-rsa/build-key-server
lrwxrwxrwx 1 root root 29 Apr 10 14:51 build-req -> /usr/share/easy-rsa/build-req
lrwxrwxrwx 1 root root 34 Apr 10 14:51 build-req-pass -> /usr/share/easy-rsa/build-req-pass
lrwxrwxrwx 1 root root 29 Apr 10 14:51 clean-all -> /usr/share/easy-rsa/clean-all
lrwxrwxrwx 1 root root 33 Apr 10 14:51 inherit-inter -> /usr/share/easy-rsa/inherit-inter
lrwxrwxrwx 1 root root 28 Apr 10 14:51 list-crl -> /usr/share/easy-rsa/list-crl
-rw-r--r-- 1 root root 7859 Apr 10 14:51 openssl-0.9.6.cnf
-rw-r--r-- 1 root root 8416 Apr 10 14:51 openssl-0.9.8.cnf
-rw-r--r-- 1 root root 8313 Apr 10 14:51 openssl-1.0.0.cnf
lrwxrwxrwx 1 root root 27 Apr 10 14:51 pkitool -> /usr/share/easy-rsa/pkitool
lrwxrwxrwx 1 root root 31 Apr 10 14:51 revoke-full -> /usr/share/easy-rsa/revoke-full
lrwxrwxrwx 1 root root 28 Apr 10 14:51 sign-req -> /usr/share/easy-rsa/sign-req
-rw-r--r-- 1 root root 2048 Apr 10 15:31 vars
lrwxrwxrwx 1 root root 35 Apr 10 14:51 whichopensslcnf -> /usr/share/easy-rsa/whichopensslcnf
:/etc/openvpn$

--but we can't $ source .......... --
:/etc/openvpn$ source openvpn-ca/vars
-bash: openvpn-ca/vars: Permission denied
:/etc/openvpn$ sudo source openvpn-ca/vars
[sudo] password for wnhn:
sudo: source: command not found
:/etc/openvpn$

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5698
Joined: Fri Jun 03, 2016 1:17 pm

Re: Setup Certificate Authority

Post by TinCanTech » Wed Apr 10, 2019 9:19 pm

I would definitely advise that you do not use sudo.

radiofred
OpenVpn Newbie
Posts: 3
Joined: Wed Apr 10, 2019 8:12 pm

Re: Setup Certificate Authority

Post by radiofred » Sun Apr 28, 2019 1:59 pm

# sudo su
solved the problem.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5698
Joined: Fri Jun 03, 2016 1:17 pm

Re: Setup Certificate Authority

Post by TinCanTech » Sun Apr 28, 2019 2:42 pm

The recommended method is to copy EasyRSA to a user writeable folder.

Post Reply