Hi,

I do not use easy-rsa but the test you posted is not correct..


> # sh -x whichopensslcnf
>

This will fail as whichopensslcnf takes an argument (the root folder name
$EASY_RSA) without which it will be looking at the "root directory"


> + cnf=/openssl.cnf
> + '[' openssl ']'
> + openssl version
> + grep -E '0\.9\.6[[:alnum:]]?'
> + openssl version
> + grep -E '0\.9\.8[[:alnum:]]?'
> + openssl version
> + grep -E '1\.0\.[[:digit:]][[:alnum:]]?'
> + cnf=/openssl-1.0.0.cnf
> + echo /openssl-1.0.0.cnf
> /openssl-1.0.0.cnf
>

See, its looking for /openssl-1.0.0.cnf instead of
/etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf


> + '[' '!' -r /openssl-1.0.0.cnf ']'
> + echo '**************************************************************'
> **************************************************************
> + echo '  No /openssl-1.0.0.cnf file could be found'
>    No /openssl-1.0.0.cnf file could be found
> + echo '  Further invocations will fail'
>    Further invocations will fail
> + echo '**************************************************************'
> **************************************************************
> + exit 0
>
>
> I have even tried setting easy-rsa version to 2.x in the comment section
> of the openssl.cnf, but still have the same result...
>

Anyway, as your openssl version is 1.0.x, the script will use
openssl-1.0.0.cnf. Make sure that is compatible with easy-rsa.

Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to