OpenVPN Support Forum

Good mornig
root@Juanjo:/etc/openvpn/easy-rsa# . ./vars
**************************************************************
No /etc/openvpn/easy-rsa/openssl.cnf file could be found
Further invocations will fail
**************************************************************
The problem has to be in the swhichopensslcnf script that does not have support for openssl-1.1.0
Easy-rsa has support for openssl-1.1.0?
ot@Juanjo:/etc/openvpn/easy-rsa# ls
build-ca build-key-server list-crl sign-req
build-dh build-req openssl-0.9.6.cnf vars
build-inter build-req-pass openssl-0.9.8.cnf whichopensslcnf
build-key clean-all openssl-1.0.0.cnf
build-key-pass inherit-inter pkitool
build-key-pkcs12 keys revoke-full

How can I solve this problem
please
Thank you

The simplest way is to use EasyRSA 3.0.1 :
https://github.com/OpenVPN/easy-rsa/releases

Any other solutions to this?
Raspbian Debian Sketch build is broke with this issue and easy-rsa 3.0 is not available in their repository.
Thanks!

The reason for this error can be found in the whichopensslcnf itself:
it interprets the output auf "openssl version". In current versions (like in Debian 9.3.0) it is V1.1.X so the output is like this: So simply do that and it will work: Add the following lines: Then save.

Next time it will find it at least at my system.

I'm not too familiar with the code of "openssl-1.0.0.cnf" and currently cannot answer the question if the cnf is fully compatible with OpenSSL 1.1.X or if there better should be a "openssl-1.1.0.cnf". At least I couldn't figure out a problem yet if doing it like described above.

Kind regards

MM