William
Just followed the instructions again deleteing the files you suggested and came up with the same results.
[root@gateway easy-rsa]# rm /etc/openvpn/easy-rsa/keys/index.txt
rm: remove regular file `/etc/openvpn/easy-rsa/keys/index.txt'? y
[root@gateway easy-rsa]# rm /etc/openvpn/easy-rsa/keys/index.txt.old
rm: remove regular empty file `/etc/openvpn/easy-rsa/keys/index.txt.old'? y
[root@gateway easy-rsa]# pico vars
UW PICO(tm) 4.10 File: vars Modified
# Edit this variable to point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=/etc/openvpn/easy-rsa/openssl.cnf
# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR=/etc/openvpn/easy-rsa/keys
# Increase this to 2048 if you
# are paranoid. If you do increase,
# make sure you build OpenVPN with
# pthread support, so you don't incur
# any performance penalty.
export KEY_SIZE=1024
# These are the default values for fields
# which will be placed in the certificate.
export KEY_COUNTRY=AU
export KEY_PROVINCE=NSW
export KEY_CITY=xxxx
export KEY_ORG=" xxxxxx xxxxxxxx "
export KEY_EMAIL="netadmin@xxxxxx"
[ Wrote 29 lines ]
[root@gateway easy-rsa]# . vars
[root@gateway easy-rsa]# ./clean-all
[root@gateway easy-rsa]# ./build-ca
Generating a 1024 bit RSA private key
...........++++++
............................++++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [NSW]:NSW
Locality Name (eg, city) [xxxx]:xxxx
Organization Name (eg, company) [ xxxxxx xxxxxxxx ]: xxxxxx xxxxxxxx
Organizational Unit Name (eg, section) []:VPN
Common Name (eg, your name or your server's hostname) []:gateway
Email Address [netadmin@teviot.net]:netadmin@xxxxxx
[root@gateway easy-rsa]# ./build-key server
Generating a 1024 bit RSA private key
.........++++++
..++++++
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [NSW]:NSW
Locality Name (eg, city) [xxxx]:xxxx
Organization Name (eg, company) [ xxxxxx xxxxxxxx ]: xxxxxx xxxxxxxx Organizational Unit Name (eg, section) []:VPN
Common Name (eg, your name or your server's hostname) []:gateway
Email Address [netadmin@xxxxxx]:netadmin@xxxxxx
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'AU'
stateOrProvinceName :PRINTABLE:'NSW'
localityName :PRINTABLE:'xxxx'
organizationName :PRINTABLE: xxxxxx xxxxxxxx '
organizationalUnitName:PRINTABLE:'VPN'
commonName :PRINTABLE:'gateway'
emailAddress :IA5STRING:'netadmin@xxxxxx'
Certificate is to be certified until Oct 15 08:43:42 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@gateway easy-rsa]# ./build-key client
Generating a 1024 bit RSA private key
.....................................................................++++++
.......++++++
writing new private key to 'client.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [NSW]:NSW
Locality Name (eg, city) [xxxx]:xxxx
Organization Name (eg, company) [ xxxxxx xxxxxxxx ]: xxxxxx xxxxxxxx
Organizational Unit Name (eg, section) []:VPN
Common Name (eg, your name or your server's hostname) []:gateway
Email Address [netadmin@xxxxxx]:netadmin@xxxxxx
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'AU'
stateOrProvinceName :PRINTABLE:'NSW'
localityName :PRINTABLE:'xxxx'
organizationName :PRINTABLE: ' xxxxxx xxxxxxxx '
organizationalUnitName:PRINTABLE:'VPN'
commonName :PRINTABLE:'gateway'
emailAddress :IA5STRING:'netadmin@xxxxxx'
Certificate is to be certified until Oct 15 08:45:15 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2
[root@gateway easy-rsa]#
I have no idea where to go from here
Adrian
17 Replies
9252 Views