i'm trying to configure openvpn in xp pro sp3 2.7 Ghz, 2GB ram. I've downloaded and install openvpn2.2. When i navigate to easy-rsa and try and execute the bat build-ca i get the following error
WARNING: can't open config file: c:\openssl/ssl/openssl.cnf error on line 150 of openssl.cnf
4788:error:0E065068:configuration file routines:STR_COPY:variable has no value:.\crypto\conf\conf_def.c:618:line 150
what do i need to change?
build-ca not working
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
Bebop
- Forum Team
- Posts: 301
- Joined: Wed Dec 15, 2010 9:24 pm
Re: build-ca not working
[EDIT] I just installed new openvpn and have a similar error to you now.
You're faced with two choices:
[1] Roll back to OpenVPN 2.1.4 which is still available at the OpenVPN downloads page.
OR
[2] Follow the steps below in my next post.
On Windows 7 X64, option 1 is the best.
You're faced with two choices:
[1] Roll back to OpenVPN 2.1.4 which is still available at the OpenVPN downloads page.
OR
[2] Follow the steps below in my next post.
On Windows 7 X64, option 1 is the best.
Last edited by Bebop on Thu Jul 21, 2011 2:54 am, edited 1 time in total.
The cure for boredom is curiosity
-
Bebop
- Forum Team
- Posts: 301
- Joined: Wed Dec 15, 2010 9:24 pm
Re: build-ca not working
Solution found for anyone who doesn't want to roll back to 2.1.4. This is for Windows 7 x64.
Now load your client certs in to client config dir and start OpenVPN GUI. See if it all works.
- Uninstall OpenVPN
- Delete folder: C:\Program Files (x86)\OpenVPN
- Install OpenVPN 2.2.1 (or newest version)
- start->run->cmd (as admin)
- > cd C:\Program Files (x86)\OpenVPN\easy-rsa
- > init-config
- Now open vars.bat in text editor as admin and change the vars to something like:
Code: Select all
set KEY_COUNTRY=US
set KEY_PROVINCE=CA
set KEY_CITY=SanFrancisco
set KEY_ORG=ORG
set KEY_EMAIL=mail@host.org
set KEY_CN=common
set KEY_NAME=NAME
set KEY_OU=OU
set PKCS11_MODULE_PATH=NA
set PKCS11_PIN=NA- Now back to command prompt
- > vars
- > clean-all
- > build-ca
- > build-key-server server
- Important - When you are being prompted for input, change the common name to something unique like server
- > build-dh
- Copy ca.crt, ca.key, dh1024.pem, server.crt, server.key to the openvpn server
- Restart the server instance of openvpn. Make sure it starts with no errors.
Now back to command prompt - > build-key client1
- Important - When you are being prompted for input, change the common name to something unique like client1
- > build-key client2
- Important - When you get the prompts, change the common name to something unique like client2
Now load your client certs in to client config dir and start OpenVPN GUI. See if it all works.
The cure for boredom is curiosity
-
kmoerder
- OpenVpn Newbie
- Posts: 10
- Joined: Sat May 28, 2011 6:33 pm
Re: build-ca not working
Hi All...
I do think that the unable to write random state error is important, as it could indicate that you have created weak keys.
I had the same problem on a new Windows 7 Pro 64-bit install.
The simplest fix I found was the following
In vars.bat I replaced
"set HOME=%ProgramFiles%\OpenVPN\easy-rsa"
with
"set HOME=C:\PROGRA~2\OpenVPN\easy-rsa"
This allows the scripts to finf all of the OpenVPN (SSL) tools they need to run properly.
Thanks,
...Karl
I do think that the unable to write random state error is important, as it could indicate that you have created weak keys.
I had the same problem on a new Windows 7 Pro 64-bit install.
The simplest fix I found was the following
In vars.bat I replaced
"set HOME=%ProgramFiles%\OpenVPN\easy-rsa"
with
"set HOME=C:\PROGRA~2\OpenVPN\easy-rsa"
This allows the scripts to finf all of the OpenVPN (SSL) tools they need to run properly.
Thanks,
...Karl