I can't able to create a New certificate

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
pdurgaramesh
OpenVpn Newbie
Posts: 1
Joined: Sun Mar 13, 2011 10:07 am

I can't able to create a New certificate

Post by pdurgaramesh » Sun Mar 13, 2011 10:15 am

Dear All,

I am using CentOS Linux 4.8 and running OpenVPN 2.0.9. Now i have the problem in last few days that i can't able to create a New certificate and it gives error. The existing certificates(Clients) can able to connect and it works fine but they are able to view under certificates in OpenVPN status window. The error is given below. Please help me to sort out this issue.

ERROR:

+ OK got the valid input
+ OK got the User Private Key
+ OK generated the User Certificate Request
+ OK read current openssl serial (01)
+ OK read the openssl database (1 items)
+ OK read the CA Private Key
+ OK signed the User Certificate Request with CA Private Key
- ERROR on 267 line (openssl_pkey_export_to_file)
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0200100D:system library:fopen:Permission denied
error:2006D002:BIO routines:BIO_new_file:system lib
error:09072007:PEM routines:PEM_write_bio:BUF lib
(That might mean that the key folder is not write enabled for www user)


Thanks in Advance
Durga Ramesh.P
Top
User avatar
Bebop
Forum Team
Posts: 301
Joined: Wed Dec 15, 2010 9:24 pm

Re: I can't able to create a New certificate

Post by Bebop » Mon Mar 14, 2011 4:13 am

pdurgaramesh wrote: error:0200100D:system library:fopen:Permission denied
error:2006D002:BIO routines:BIO_new_file:system lib
error:09072007:PEM routines:PEM_write_bio:BUF lib
(That might mean that the key folder is not write enabled for www user)
Have you tired to locate the key folder to see that it is write enabled for the www user?
The cure for boredom is curiosity
Top
User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:
Contact janjust

Re: I can't able to create a New certificate

Post by janjust » Mon Mar 14, 2011 10:22 am

sounds like you forgot to run the

Code: Select all

. ./var
command before trying to generate a new easy-rsa certificate...
Top
Post Reply

Return to “Server Administration”