OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

What are the proper steps to add additional client keys/cert

https://forums.openvpn.net/viewtopic.php?t=8118

Page 1 of 1

What are the proper steps to add additional client keys/cert

Posted: Fri May 13, 2011 7:54 pm
by RichTJ99
Hi,

I have followed the steps in the HowTo & I did create 3 keys (using openvpn 2.1) . I am now looking to add a few more keys & I am trying to figure the proper steps to do this (Openvpn 2.2).

Code: Select all

init-config
vars
clean-all
build-ca
build-key-server server

build-key client1
build-key client2
build-key client3
build-dh
[code]

All 3 of those keys owrk great when I try to log in.  I am happy, I dont want to get rid of those keys.  I am now looking to add keys.  

So with that being the steps, when I tried to add a key typing 'vars' then build-key rich1, it built the keys/certs & when I tried ot use it, it failed.  

Do I need to build-dh after the addition of a key?  Will creating a new build-dh cause the old keys to stop working?  

Thanks,
Rich

Re: What are the proper steps to add additional client keys/

Posted: Fri May 13, 2011 9:05 pm
by janjust
you only need to run
build-dh
once for the server dh1024.pem file.

when using 'build-key rich1' what error is it failing with? is the same CA used for the 2.1 and the 2.2 key set?

Re: What are the proper steps to add additional client keys/

Posted: Sat May 14, 2011 1:07 am
by RichTJ99
This is weird, I do have the CA is the same one I am using with the other two conf files. Its saying that when I make a client called rich3 which makes the three files needed, when I copy them to both the easy-rsa\keys & the \config folder that it doesnt see the rich3.crt when its in two directories.

Even stranger, the windows based gui does not see the new rich3.conf... I even exited it & restarted, still no go.

I may try scrapping hte whole setup & started again. I have about 6 VM's I am using, 1 physical laptop, 1 physical desktop & I suppose something could have been lost.

However on my working physical test laptop where everything else works, the rich3 data wont connect.

Re: What are the proper steps to add additional client keys/

Posted: Sat May 14, 2011 9:20 pm
by janjust
which version of windows are you using? If it's vista or 7 then you may run into the 'virtual store' fun, esp when you're copying files using PuTTY's pscp.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/