OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl.cnf

https://forums.openvpn.net/viewtopic.php?t=17358

Page 1 of 1

openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl.cnf

Posted: Sun Oct 26, 2014 8:33 am
by neil4u100
Hi Admins,

Am new to this forum so please forgive me if any of my questions are wrong.

My Setup is like this:

Client: Windows 7 Enterprise 64-bit
Open VPN version: 2.3.4

Server: Windows server 2008 R2 Datacenter 64-bit
Open VPN version: 2.3.4

Am stuck at the build-key command wizard which is giving me an error message - Can't open config file /etc/ssl/openssl.cnf and the cursor gets back to the prompt without any message.

I have already run the "init-config" and the "vars" file is ready.

How to overcome this SSL error ? If anyone has any guide or faced this issue before - Please share the steps in detail.

Once the client setup finishes, I will move to the configuration of server.

Thanks in advance.

Regards
Neil

Re: openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl

Posted: Sun Oct 26, 2014 9:34 am
by maikcat
/etc/ssl path on windows???

init-config & vars files where .bat?

Michael.

Re: openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl

Posted: Sun Oct 26, 2014 12:57 pm
by neil4u100
It looks like the easy-rsa scripts are not working as they should be in the current version of openvpn. Any script which I use throws me the same error of "Cant open file /etc/ssl/openssl.cnf".

At first even I was surprised with this UNIX directory structure in the script which is being used for windows configuration.

Please suggest if I can change any variable ?

Besides, I used the linux version of openvpn and created the client and server key and certificate files and imported them to the respective windows servers. But when I connect to the server, am getting the TLS key error waiting for 60 seconds.

I opened port forwarding on my cisco router and also enabled UDP port 1194 on both server side and client side.

Any suggestions.

Re: openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl

Posted: Sun Oct 26, 2014 8:42 pm
by Traffic
@ neil4u100

If you are creating a new PKI from scratch I would advise you download EasyRSA3-rc2

Re: openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl

Posted: Thu Oct 30, 2014 5:40 am
by donphillipe
I am trying to build a home network link to dd-wrt OpenVPN server. The only documentation for how to do this is before the introduction of this PKCS11. (http://www.howtogeek.com/64433/how-to-i ... rt-router/) I don't think this is even built into the dd-wrt OpenVPN server, or not to my knonwledge.

I do know the errors are constant when you set the two entries:

set KEY_NAME=
set KEY_OU=

Is the OpenVPN Server before this PKCS11 requirement still compatible with newer clients and visa versa?

Re: openvpn 2.3.4 build-key Can't open file /etc/ssl/openssl

Posted: Thu Oct 30, 2014 11:21 pm
by Traffic
maikcat wrote:/etc/ssl path on windows???
I have also seen this on windows .. I copied the c:\program files\openvpn\bin\openssl.cnf file to c:\etc\ssl\openssl.cnf to resolve this particular problem. Although, that was only included in openvpn 2.2.2 as I recall.

@ donphillipe .. perhaps you could try that ^^ as well ..
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/