Problems Creating Extra Client Keys

Post by leo2308 » Mon Feb 01, 2010 10:24 am

Ok I initially created 16 client keys, thinking that would be enough even though there are only 7 vpn users.

A week later, everyone all of a sudden needs VPN, so I need to create more keys.

The problem is that the windows computer used to create the keys has been formatted and turned into a pfsense box.

I still have the keys folder, and all the details used to create the keys (country, province, city, key-org, common name etc..)

So I've installed OpenVPN onto another Windows PC, have put the keys folder into C:\Program Files\OpenVPN\easy-rsa, have recreated the vars.bat with the exact same details as before, and have tried creating more clients, but this is what I get:

C:\Program Files\OpenVPN\easy-rsa>build-key client17
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
...++++++
............++++++
writing new private key to 'keys\client17.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [UK]:
State or Province Name (full name) [LONDON]:
Locality Name (eg, city) [LONDON]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) []:###### (hashed out for privacy)
Common Name (eg, your name or your server's hostname) []:client17
Email Address [####@####.com]:(hashed out for privacy)

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'UK'
stateOrProvinceName :PRINTABLE:'LONDON'
localityName :PRINTABLE:'LONDON'
organizationName :PRINTABLE:'OpenVPN'
organizationalUnitName:PRINTABLE:###### (hashed out for privacy)
commonName :PRINTABLE:'client17'
emailAddress :IA5STRING:[####@####.com]:(hashed out for privacy)]
The stateOrProvinceName field needed to be the same in the
CA certificate (LONDON ) and the request (LONDON)
Could Not Find C:\Program Files\OpenVPN\easy-rsa\keys\*.old



Ok so the line "The stateOrProvinceName field needed to be the same in the CA certificate (LONDON ) and the request (LONDON)" looks like I might have had a couple spaces after "LONDON", however I tried rebuilding with 2 spaces but still get the output:

The stateOrProvinceName field needed to be the same in the
CA certificate (LONDON ) and the request (LONDON )

So not sure why that's happening or how to fix it.

Second thing is "Could Not Find C:\Program Files\OpenVPN\easy-rsa\keys\*.old". I can't remember these files in the keys folder before, how do I get around this?

Is there something I am missing? Is it possible for me to create more keys by just having the keys folder with the vars.bat like it originally was? I have tested the client17 key, and it does not work. Also, after creating more keys, do I need to re-generate the Diffie Hellman parameters and re-add it to the VPN server?

Thanks in advance


Re: Problems Creating Extra Client Keys

Post by krzee » Thu Feb 04, 2010 4:12 pm

There should be no spaces. To view your cert info, run this: openssl x509 -in <cert file> -noout -text

As for the old files,
build-key.bat:rem delete any .old files created in this process, to avoid future file creation errors
build-key.bat:del /q %KEY_DIR%\*.old

That's not an error you are seeing, just a precaution.


Re: Problems Creating Extra Client Keys

Post by leo2308 » Mon Feb 08, 2010 2:57 pm

OK, found the solution on another forum, but thanks krzee; the solution was to look at the ca.crt file with openssl.

When looking at the ca.crt file, I noticed that after "State or Province Name (full name) [LONDON]:" there was "\x09":

Subject: C=UK, ST=LONDON\x09, L=LONDON, O=OpenVPN

This was seen as just some spaces when trying to build a key, however \x09 is actually hex for the tab key. I must have pressed it by mistake when first creating the CA file, so basically now when building client keys, I just type LONDON then hit tab, then enter.

What I don't understand is how I managed to create the first 16 keys without pressing the tab key!

Anyway, thanks
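
Added example, not part of the thread: a small checker that parses subject lines in the form quoted above, decodes `\xNN` escapes, and reports which policy-matched attributes differ from the CA and where the invisible characters sit. The set of matched attributes (`MATCH_FIELDS`) is an assumption about the openssl.cnf in use, and the three request subjects are constructed samples; only `CA_SUBJECT` is taken from the post.

```python
import re

# Attributes assumed to carry "match" in the CA policy section of openssl.cnf
# (assumption: verify against the openssl.cnf your easy-rsa copy uses).
MATCH_FIELDS = ("C", "ST", "O")
_ESC = re.compile(r"\\x([0-9A-Fa-f]{2})")

# CA subject exactly as quoted in the thread; request subjects are constructed.
CA_SUBJECT = r"Subject: C=UK, ST=LONDON\x09, L=LONDON, O=OpenVPN"
REQ_PLAIN = "C=UK, ST=LONDON, L=LONDON, O=OpenVPN, CN=client17"
REQ_SPACES = "C=UK, ST=LONDON  , L=LONDON, O=OpenVPN, CN=client17"
REQ_TAB = r"C=UK, ST=LONDON\x09, L=LONDON, O=OpenVPN, CN=client17"


def parse_subject(line):
    """Split an openssl-style subject line into {attr: value}, decoding \\xNN.

    Values are never stripped: trailing whitespace is the thing being hunted.
    Limitation: values that themselves contain ', ' are not supported.
    """
    if line.lstrip().startswith("Subject:"):
        line = line.split(":", 1)[1]
    fields = {}
    for part in line.split(", "):
        key, _, value = part.partition("=")
        fields[key.strip()] = _ESC.sub(lambda m: chr(int(m.group(1), 16)), value)
    return fields


def hidden_chars(value):
    """List (index, hex) of control chars and leading/trailing whitespace."""
    lead = len(value) - len(value.lstrip())
    trail = len(value.rstrip())
    return [(i, "0x%02x" % ord(c)) for i, c in enumerate(value)
            if ord(c) < 0x20 or ord(c) == 0x7F or i < lead or i >= trail]


def policy_mismatches(ca_subject, req_subject):
    """Return one tuple per match-policy attribute whose bytes differ."""
    ca, req = parse_subject(ca_subject), parse_subject(req_subject)
    return [(f, repr(ca.get(f, "")), repr(req.get(f, "")),
             hidden_chars(ca.get(f, "")), hidden_chars(req.get(f, "")))
            for f in MATCH_FIELDS if ca.get(f, "") != req.get(f, "")]


if __name__ == "__main__":
    for name, req in (("plain", REQ_PLAIN), ("spaces", REQ_SPACES), ("tab", REQ_TAB)):
        print(name, policy_mismatches(CA_SUBJECT, req))
```

The plain and two-space requests both report an `ST` mismatch against the CA's trailing 0x09, while the tab request reports none, which is the behaviour described in the thread.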
