./easyrsa: 5231: [: Illegal number:

[Zwixx]

Hi,

I used easyrsa for a while and my certifiates are expired. So I renewed it and then "revoke-renewed" the old certificate. Since then, if I call

./easyrsa show-exp

The error:

Using Easy-RSA 'vars' configuration:
* /etc/openvpn/easy-rsa/vars

Using SSL:
* openssl OpenSSL 1.1.1n  15 Mar 2022

Notice
------
* Showing certificates which expire in less than 90 days (--days):
./easyrsa: 5231: [: Illegal number:

occurs. I use the latext version of easyrsa.

[TinCanTech]

Hi, thanks for reporting this.

It is known that the status reports will fail when a certificate commonName does not match the certificate file name. Is that true for you ?

If you can share your index.txt and some further details of your PKI then I can look into this issue.

If you prefer, you can send me your index.txt via email to: tincantech at protonmail dot com

I am also available online at: libera.chat IRC, channel #easyrsa.

[Zwixx]

Yes, that's it. In my index.txt is a key from a old entry. I created a file with the cn and the error are gone. Thanks.

[TinCanTech]

Linking #809

[TinCanTech]

I created a file with the cn and the error are gone

I presume you mean that you changed the name of the certificate file to match the commonName of the certificate.

[Zwixx]

Yes, the commonName. I deleted the line in the index.txt and it seems it works too. So I don't need a dummy file.

[TinCanTech]

You MUST never edit index.txt !

[Zwixx]

The problem is, unfortunately, it was already broken. It was probably my own fault, too. And I am aware that this is not a good idea. But I think it's probably the easiest thing to do in this case. And of course I have a backup.