KEY_CONFIG pointing to the wrong version of openssl.cnf

linux openvpn openssl
38,025

Solution 1

it's hard to tell without more information...

anyhow, you have either

  • not properly configured your installation via the vars file

  • or you haven't activated the vars file by running source vars prior to running ./build-ca

the vars file contains (among other things) the definition of the KEY_CONFIG variable. the default (on my Debian system) is to call a wrapper-script which will try to find the correct default openssl.conf file for you

export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`

(on my system i have OpenSSL 1.0.1e 11 Feb 2013 installed, so KEY_CONFIG evaluates to .../openssl-1.0.0.cnf)

if this doesn't work for you, you can manually set the KEY_CONFIG to a value that matches yours.

Solution 2

ln -s openssl-1.0.0.cnf openssl.cnf

Share:
38,025

Related videos on Youtube

Jason
Author by

Jason

Updated on September 18, 2022

Comments

  • Jason
    Jason over 1 year

    I am trying to setup OpenVPN but I am getting this error:

    #./build-ca
grep: /etc/openvpn/easy-rsa/2.0/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/2.0/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x

    I have OpenSSL* installed. Do I need to set a location?

  • Raphael Ahrens
    Raphael Ahrens over 10 years
    You should explain why this command should be executed and what was the problem in the first place. Even if it may be obvious.
  • Rob Sedgwick
    Rob Sedgwick over 6 years
    It's magic, but it works.
  • michel.iamit
    michel.iamit over 6 years
    just do a ls in the folder, and you will see what openssl-x.x.x.cnf are available... 1.0.0 is the hights, ln -s is a symbolic link... guess that explains it enough?
  • TD_Nijboer
    TD_Nijboer over 6 years
    i have the same settup, yet the whichopensslcnf points to the wrong openssl version. i have 1.1.0g installed but only 0.9.6.cnf / 0.9.8.cnf and 1.0.0.cnf. How do i add another openssl.cnf for 1.1.0g? as source vars now gives an error the same as @frank
  • madlife
    madlife over 5 years
    This should not be the accepted answer.
  • Manny265
    Manny265 over 5 years
    works like magic during my setup of OpenVPN. it creates a link to the current version of openssl
  • Admin
    Admin almost 2 years
    It works for me.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Build OpenVPN with specific OpenSSL version
There is no openssl.so extension with php7.2.x
Client-Server communication using OPENSSL (using Certificate)
How to use OpenSSL for self-signed certificates with custom CA and proper SAN settings?
How to compile PHP with new OpenSSL library
/usr/local/ssl/lib/libcrypto.a: could not read symbols: Bad value
Can't link OpenSSL code
How do you change a user password in a script with busybox and openssl?
No reference to BIO-functions when linking OpenSSL
SSH connection screwed up after VPN connection established