build-key generating a error msg

[GDGKYrrELhn]

When I try to run the .bat file 'build-key' (under Windows 10) and build a certificate for a server, I get an error message "req: Option -config needs a value" two times and then a message "Could Not Find C:\*.Old" (which I tend to ignore). The .bat file suggests using the option -help for summary but that doesn't help me much.

I do have the 2.4.9.1601 version of the OpenVPN installation files installed on the machine and I have modified the command box's environment's variables path to include "c:\program file\openvpn;c:\program file\openvpn;bin;c:\program file\openvpn;easy-rsa" (before I was gettinng "could not locate openssl.exe' errors when I tried to run the .bat files).

Can anyone shed some light on what I am doing wrong?

[TinCanTech]

Just use EasyRSA-3 https://github.com/OpenVPN/easy-rsa/releases

And also: https://github.com/TinCanTech/easy-tls

[GDGKYrrELhn]

I found all the files and instructions that was recommended and set up the EasyRSA-3. But things fell apart on "step 2" when I tried to './easyrsa build-ca'. The shell reported an error after I put in the CA Key Passphrase. I got the error "Extra arguments given." " Easy-RSA error: Failed create CA private key". I tried several passphrases (like several words with spaces, several words without spaces, just a single word), but they all gave the same error of 'extra arguments given'. Isn't there some way of getting more of an error message from these things?

Can anyone give me any help in this matter?

[TinCanTech]

Try an earlier version of Easy-RSA-3 .. maybe try 305.

[GDGKYrrELhn]

I took your advice and went back to the 305 version but found that there were a couple of little problems when generating a CA. During this generation, the batch file could not find a .rnd file that it was looking for (not a major problem), it couldn't find a support program 'stty' that it wanted during the input phase of the passphrase which (I think) resulted in the passphrase being echoed to the console screen. There were several other discrepancies that led me to the conclusion to try the next higher version to see if it was any better.

As it turns out, it might be better if I could get it to properly prepare the PKI environment. When I generate the shell and issue the 'easyrsa init-pki' command, the batch file returns and informs me that and PKI sub-directory has been created at a certain location and everything is ready to go. The only problem is, the sub-directory is not there; it's nowhere.

Now, I cannot believe that this team of experienced programmers published a complete version that has such a major flaw in it. I must be missing something. I have the "EasyRSA-v3.0.6" sub-directory located directory under "C:\Program Files\OpenVPN". The environmental variables for the shell are standard WIN10 with the exception that I added the "C:\Program Files\OpenVPN\bin" to the $Path string.

But I must have done something really wrong. Has anyone tried this version of EasyRSA and found a similar problem? Should I stick with version 305 and ignore the little errors that I thought were 'bad'?

[GDGKYrrELhn]

Sometimes, you really can solve some of your own problems. The sub-directory where EasyRSA resides has to be titled "EasyRSA" (without and versioning numbers). Then the program works like it is supposed to work. The program still has a problem finding a .rnd that seems to exist but can't be found, I'm going to keep on plugging.

[TinCanTech]

At least you are diligent ..

The program still has a problem finding a .rnd that seems to exist but can't be found

Ignore this, it is a nothing burger

The sub-directory where EasyRSA resides has to be titled "EasyRSA" (without and versioning numbers). Then the program works like it is supposed to work.

Probably just some accidental installation step missed.