What are the proper steps to add additional client keys/cert

RichTJ99
OpenVpn Newbie
Posts: 6
Joined: Wed May 11, 2011 3:11 pm

What are the proper steps to add additional client keys/cert

Post by RichTJ99 » Fri May 13, 2011 7:54 pm

Hi,

I have followed the steps in the HowTo & I did create 3 keys (using OpenVPN 2.1). I am now looking to add a few more keys & I am trying to figure out the proper steps to do this (OpenVPN 2.2).

Code:

init-config
vars
clean-all
build-ca
build-key-server server

build-key client1
build-key client2
build-key client3
build-dh

All 3 of those keys work great when I try to log in.  I am happy, I don't want to get rid of those keys.  I am now looking to add keys.  

So with that being the steps, when I tried to add a key typing 'vars' then build-key rich1, it built the keys/certs & when I tried to use it, it failed.  

Do I need to build-dh after the addition of a key?  Will creating a new build-dh cause the old keys to stop working?  

Thanks,
Rich

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: What are the proper steps to add additional client keys/

Post by janjust » Fri May 13, 2011 9:05 pm

You only need to run build-dh once for the server dh1024.pem file.

When using 'build-key rich1' what error is it failing with? Is the same CA used for the 2.1 and the 2.2 key set?
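One way to check the "same CA" question from the reply above, as an added example that is not part of the original thread: it builds two throwaway CAs and shows that a client certificate only verifies against the CA that signed it. All directory names, subject names and helper function names are constructed for the demo.

```shell
#!/bin/sh
# Added example: does a client cert chain to the CA the server trusts?
# Everything below is generated in a temp dir; names are constructed.

# Create a throwaway CA (key + self-signed cert) in directory $1 with CN $2.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Issue a client cert named $2, signed by the CA in directory $1.
issue_client() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/$2.crt" 2>/dev/null
}

# Return 0 if cert $2 verifies against CA file $1.
signed_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Return 0 if private key $2 belongs to cert $1 (same public key).
key_matches() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = \
      "$(openssl pkey -in "$2" -pubout)" ]
}

demo() {
    d=$(mktemp -d); mkdir "$d/old" "$d/new"
    make_ca "$d/old" demo-ca-old      # CA the server was set up with
    make_ca "$d/new" demo-ca-new      # a different CA, e.g. a regenerated one
    issue_client "$d/old" client1
    issue_client "$d/new" rich1
    for c in "$d/old/client1.crt" "$d/new/rich1.crt"; do
        if signed_by "$d/old/ca.crt" "$c"; then
            echo "$(basename "$c"): signed by the server's CA"
        else
            echo "$(basename "$c"): NOT signed by the server's CA"
        fi
    done
    rm -rf "$d"
}
demo
```

On a real setup the same `openssl verify -CAfile` check would be pointed at the server's ca.crt and the newly built client .crt, and the key comparison at the matching .key file.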

RichTJ99
OpenVpn Newbie
Posts: 6
Joined: Wed May 11, 2011 3:11 pm

Re: What are the proper steps to add additional client keys/

Post by RichTJ99 » Sat May 14, 2011 1:07 am

This is weird, I do have the same CA that I am using with the other two conf files. It's saying that when I make a client called rich3 which makes the three files needed, when I copy them to both the easy-rsa\keys & the \config folder that it doesn't see the rich3.crt when it's in two directories.

Even stranger, the Windows-based GUI does not see the new rich3.conf... I even exited it & restarted, still no go.

I may try scrapping the whole setup & starting again. I have about 6 VMs I am using, 1 physical laptop, 1 physical desktop & I suppose something could have been lost.

However on my working physical test laptop where everything else works, the rich3 data won't connect.

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: What are the proper steps to add additional client keys/

Post by janjust » Sat May 14, 2011 9:20 pm

Which version of Windows are you using? If it's Vista or 7 then you may run into the 'virtual store' fun, esp. when you're copying files using PuTTY's pscp.
