On Monday 02 July 2007 03:19:23 pm sonjaya wrote:
> Dear all
>
> i have installed openvpn from ports dan i try follow manual like this :
> # pwd
> /etc/openvpn/easy-rsa/2.0
> # ./vars
> NOTE: If you run ./clean-all, I will be doing a rm -rf on
> /etc/openvpn/easy-rsa/2.0/keys
> # ./clean-all
> # ./build-ca
> Please edit the vars script to reflect your configuration,
> then source it with "source ./vars".
> Next, to start with a fresh PKI configuration and to delete any
> previous certificates and keys, run "./clean-all".
> Finally, you can run this tool (pkitool) to build certificates/keys.
> #
> where is wrong ?
Did you run:
source /etc/openvpn/easy-rsa/vars
?
>
>
> beloow my config
> # cat vars
> export EASY_RSA="`pwd`"
> export KEY_CONFIG="$EASY_RSA/openssl.cnf"
> export KEY_DIR="$EASY_RSA/keys"
> echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
> export KEY_SIZE=1024
> export CA_EXPIRE=3650
> export KEY_EXPIRE=3650
> export KEY_COUNTRY="CA"
> export KEY_PROVINCE="USA"
> export KEY_CITY="california"
> export KEY_ORG="IT"
> export KEY_EMAIL="[EMAIL PROTECTED]"
> #
> # cat clean-all
> #!/bin/sh
> export KEY_DIR="$EASY_RSA/keys"
> if [ "$KEY_DIR" ]; then
> rm -rf "$KEY_DIR"
> mkdir "$KEY_DIR" && \
> chmod go-rwx "$KEY_DIR" && \
> touch "$KEY_DIR/index.txt" && \
> echo 01 >"$KEY_DIR/serial"
> else
> echo 'Please source the vars script first (i.e. "source ./vars")'
> echo 'Make sure you have edited it to reflect your configuration.'
> fi
> #
> # cat build-ca
> #!/bin/sh
> #
> # Build a root certificate
> #
> export EASY_RSA="${EASY_RSA:-.}"
> "$EASY_RSA/pkitool" --interact --initca $*
> #
--
Dominik Zalewski | System Administrator
OpenCraft
t- +2 02 336 0003
w- http://www.open-craft.com
