Closed zstergios closed 5 months ago
OK, I see the problem.
EASYRSA_CA_EXPIRE = "3650"
You need to fix easy-rsa.vars
file, remove double qutes (EASYRSA_CA_EXPIRE = 3650
) and try again.
I changed to "3650" because I got the same error wihout the quotes. I tried again, same error
`Your newly created PKI dir is:
Using Easy-RSA configuration:
Following EASYRSA variables will be used: EASYRSA_DN "org" EASYRSA_REQ_COUNTRY "GR" EASYRSA_REQ_PROVINCE "GR" EASYRSA_REQ_CITY "xx" EASYRSA_REQ_ORG "xx" EASYRSA_REQ_EMAIL "info@xx.gr" EASYRSA_REQ_OU "xx" EASYRSA_REQ_CN "OpenVPNServer" EASYRSA_KEY_SIZE 2048 EASYRSA_CA_EXPIRE 3650 EASYRSA_CERT_EXPIRE 825 EASYRSA_CERT_RENEW 30 EASYRSA_CRL_DAYS 180 Generating ertificate authority... Using Easy-RSA 'vars' configuration:
Using SSL:
Also I tried the exact same configutation but SAME error
Following EASYRSA variables will be used:
EASYRSA_DN "org"
EASYRSA_REQ_COUNTRY "UA"
EASYRSA_REQ_PROVINCE "KY"
EASYRSA_REQ_CITY "Kyiv"
EASYRSA_REQ_ORG "SweetHome"
EASYRSA_REQ_EMAIL "sweet@home.net"
EASYRSA_REQ_OU "MyOrganizationalUnit"
EASYRSA_REQ_CN "OpenVPNServer"
EASYRSA_KEY_SIZE 2048
EASYRSA_CA_EXPIRE 3650
EASYRSA_CERT_EXPIRE 825
EASYRSA_CERT_RENEW 30
EASYRSA_CRL_DAYS 180
Seems there is something on file encoding. The only way I mannaged to solve this issue was to
cd /openvpn-server/config
wget https://raw.githubusercontent.com/d3vilh/openvpn-server/main/config/easy-rsa.vars
[root@box3 openvpn-server]# cat /etc/os-release NAME="AlmaLinux" VERSION="8.9 (Midnight Oncilla)" ID="almalinux" ID_LIKE="rhel centos fedora" VERSION_ID="8.9" PLATFORM_ID="platform:el8" PRETTY_NAME="AlmaLinux 8.9 (Midnight Oncilla)" ANSI_COLOR="0;34" LOGO="fedora-logo-icon" CPE_NAME="cpe:/o:almalinux:almalinux:8::baseos" HOME_URL="https://almalinux.org/" DOCUMENTATION_URL="https://wiki.almalinux.org/" BUG_REPORT_URL="https://bugs.almalinux.org/"
ALMALINUX_MANTISBT_PROJECT="AlmaLinux-8" ALMALINUX_MANTISBT_PROJECT_VERSION="8.9" REDHAT_SUPPORT_PRODUCT="AlmaLinux" REDHAT_SUPPORT_PRODUCT_VERSION="8.9"
[root@box3 openvpn-server]# cd ~/openvpn-server/ && docker run --interactive --tty --rm --name=openvpn-server --cap-add=NET_ADMIN -p 1194:1194/udp -e TRUST_SUB=10.0.70.0/24 -e GUEST_SUB=10.0.71.0/24 -e HOME_SUB=192.168.88.0/24 -v ./pki:/etc/openvpn/pki -v ./clients:/etc/openvpn/clients -v ./config:/etc/openvpn/config -v ./staticclients:/etc/openvpn/staticclients -v ./log:/var/log/openvpn -v ./fw-rules.sh:/opt/app/fw-rules.sh -v ./server.conf:/etc/openvpn/server.conf --privileged d3vilh/openvpn-server:latest EasyRSA path: /usr/share/easy-rsa OVPN path: /etc/openvpn Setting up public key infrastructure...
Notice
'init-pki' complete; you may now create a CA or requests.
Your newly created PKI dir is:
Using Easy-RSA configuration:
Following EASYRSA variables will be used: EASYRSA_DN "org" EASYRSA_REQ_COUNTRY "GR" EASYRSA_REQ_PROVINCE "GR" EASYRSA_REQ_CITY "xx" EASYRSA_REQ_ORG "xx" EASYRSA_REQ_EMAIL "info@xx.com" EASYRSA_REQ_OU "xxx" EASYRSA_REQ_CN "OpenVPNServer" EASYRSA_KEY_SIZE 2048 EASYRSA_CA_EXPIRE "3650" EASYRSA_CERT_EXPIRE 825 EASYRSA_CERT_RENEW 30 EASYRSA_CRL_DAYS 180 Generating ertificate authority... Using Easy-RSA 'vars' configuration:
Using SSL:
Easy-RSA error:
easyrsa_openssl - Command has failed: -sha256 -noencutf8 -new -key /usr/share/easy-rsa/pki/12cc6e89/temp.1.1 -keyout /usr/share/easy-rsa/pki/12cc6e89/temp.1.1 -out /usr/share/easy-rsa/pki/12cc6e89/temp.2.1 -batch -x509 -days 3650
EasyRSA Version Information Version: ~VER~ Generated: ~DATE~ SSL Lib: OpenSSL 3.1.4 24 Oct 2023 (Library: OpenSSL 3.1.4 24 Oct 2023) Git Commit: ~GITHEAD~ Source Repo: https://github.com/OpenVPN/easy-rsa Host: dev | nix | Linux | undefined
PLEASE HELP