openvpn-install

Can't create client anymore

Open T0MuX opened this issue 1 year ago • 3 comments

Hi,

I suddenly couldn't create clients anymore with this script on my VPS. After a bit of investigation, I decided to restart everything from scratch. I chose Debian 12 (previously Debian 11), fully updated. Then I downloaded your script again to set up the OpenVPN server. Sadly, I get exactly the same issue: it can't create a new VPN client. I'll let you read the stdout below. As you can see, even though it says "Client t0mux-pc added.", this is not true. If I run the script again to revoke an existing client, it says there is no client.

Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: t0mux-pc

Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
   1) Add a passwordless client
   2) Use a password for the client
Select an option [1-2]: 2
⚠️ You will be asked for the client password below ⚠️

* Using SSL: openssl OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)

* Using Easy-RSA configuration: /etc/openvpn/easy-rsa/vars

* The preferred location for 'vars' is within the PKI folder.
  To silence this message move your 'vars' file to your PKI
  or declare your 'vars' file with option: --vars=<FILE>
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Verify failure
4057C036137F0000:error:1400006B:UI routines:UI_process:processing error:../crypto/ui/ui_lib.c:548:while reading strings
4057C036137F0000:error:0480006D:PEM routines:PEM_def_callback:problems getting password:../crypto/pem/pem_lib.c:62:
4057C036137F0000:error:07880109:common libcrypto routines:do_ui_passphrase:interrupted or cancelled:../crypto/passphrase.c:184:
4057C036137F0000:error:1C80009F:Provider routines:p8info_to_encp8:unable to get passphrase:../providers/implementations/encode_decode/encode_key2any.c:116:

Easy-RSA error:

Failed to generate request

EasyRSA Version Information
Version:     3.1.2
Generated:   Fri Jan 13 15:49:32 CST 2023
SSL Lib:     OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
Git Commit:  354c20d82bdc5db364e197aa1290e84b46abe487
Source Repo: https://github.com/OpenVPN/easy-rsa
Host: 3.1.2 | nix | Linux | /bin/bash
Client t0mux-pc added.
awk: cannot open /etc/openvpn/easy-rsa/pki/issued/t0mux-pc.crt (No such file or directory)
cat: /etc/openvpn/easy-rsa/pki/private/t0mux-pc.key: No such file or directory

The configuration file has been written to /root/t0mux-pc.ovpn.
Download the .ovpn file and import it in your OpenVPN client.
root@cloud-server-0:~# ./openvpn-install.sh
Welcome to OpenVPN-install!
The git repository is available at: https://github.com/angristan/openvpn-install

It looks like OpenVPN is already installed.

What do you want to do?
   1) Add a new user
   2) Revoke existing user
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]: 2

You have no existing clients!

T0MuX avatar Jul 17 '24 06:07 T0MuX
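
The transcript above shows "Client t0mux-pc added." printed even though Easy-RSA failed and neither the certificate nor the key was written. The following check is an added example, not code from openvpn-install or Easy-RSA: the function names `client_issued` and `add_client` are hypothetical, the `issued/` and `private/` paths are those in the error output, and `index.txt` is the standard OpenSSL CA database that Easy-RSA keeps in the PKI directory.

```shell
# Added example, not part of openvpn-install or Easy-RSA.
# client_issued PKI_DIR NAME: succeed only if the client really exists.
# Return codes: 1 = no certificate, 2 = no private key, 3 = no valid index entry.
client_issued() {
    local pki="$1" name="$2"
    if [ ! -s "$pki/issued/$name.crt" ]; then
        echo "missing certificate: $pki/issued/$name.crt" >&2
        return 1
    fi
    if [ ! -s "$pki/private/$name.key" ]; then
        echo "missing private key: $pki/private/$name.key" >&2
        return 2
    fi
    # index.txt is the OpenSSL CA database: tab-separated, field 1 is the
    # status (V valid, R revoked, E expired), last field is the subject DN.
    # Compare the CN component exactly so "t0mux" does not match "t0mux-pc".
    if ! awk -F'\t' -v want="CN=$name" '
            $1 == "V" { n = split($NF, part, "/")
                        for (i = 1; i <= n; i++) if (part[i] == want) ok = 1 }
            END { exit !ok }' "$pki/index.txt" 2>/dev/null; then
        echo "no valid index.txt entry for CN=$name" >&2
        return 3
    fi
}

# add_client PKI_DIR NAME COMMAND...: run the build command, then report
# success only if it exited 0 and the PKI actually contains the client.
add_client() {
    local pki="$1" name="$2"
    shift 2
    if ! "$@"; then
        echo "build command failed, $name was not created" >&2
        return 1
    fi
    client_issued "$pki" "$name" || return 1
    echo "Client $name added."
}

# On a server (command form taken from the thread, paths from the error output):
#   cd /etc/openvpn/easy-rsa &&
#   add_client pki t0mux-pc ./easyrsa --batch build-client-full t0mux-pc nopass
```
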

I have almost the same error case.

awk: cannot open /etc/openvpn/easy-rsa/pki/issued/t0mux-pc.crt (No such file or directory)
cat: /etc/openvpn/easy-rsa/pki/private/t0mux-pc.key: No such file or directory

This problem appears just before creating (or I thought that), when the script executes EASYRSA_CERT_EXPIRE=730 ./easyrsa --batch build-client-full MYFAVORITEUSER nopass

But in my case it does not create anything, throwing the following error:

'build-client-full' does not support setting an external commonName

alohl669 avatar May 12 '25 15:05 alohl669

@T0MuX

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Verify failure

You failed to enter the pass phrase correctly.

TinCanTech avatar May 12 '25 15:05 TinCanTech

@alohl669

'build-client-full' does not support setting an external commonName

This is a bug in the version of EasyRSA in use. You can upgrade EasyRSA to current git:master by downloading the single file easyrsa OR by installing the latest version here.

TinCanTech avatar May 12 '25 15:05 TinCanTech