OpenVPN and easy-rsa problem

Ianex · July 23, 2019, 3:22pm

History:
OpenWrt was upgraded from 15.05 chaos calmer.
I managed to restore all things back to work. I had some problems with switch and PPTP pathrthough, but by some digging into internet and forums I solved them.

Now I want to setup OpenVPN server, but ran into problems.

Now I have:
OpenWrt 18.06.4, r7808-ef686b7292 on Linksys WRT 1200 AV v2

uname -r
4.14.131

I have installed:
libopenssl 1.0.2s-1
openssl-util 1.0.2s-1
openvpn-openssl 2.4.5-4.2
luci-app-openvpn git-19.190.55614-35357e4-1
openvpn-easy-rsa 3.0.4-1
openvpn-openssl 2.4.5-4.2

And the problem is that easy-rsa scripts fails with:

root@router:/# easyrsa --batch init-pki
/usr/bin/easyrsa: /etc/easy-rsa/vars: line 29: /usr/sbin/whichopensslcnf: not found
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/easy-rsa/keys

I checked for whichopens... with:
find . -name "whichopen*"
but nothing was found :-/

So what could be wrong?
Are there some settings or dependecies are missing?

brgds

vgaetera · July 23, 2019, 3:33pm

mv /etc/easy-rsa /etc/easy-rsa.old
opkg update
opkg --force-reinstall install openvpn-easy-rsa

Preserving old configuration on major updates is not encouraged:
https://openwrt.org/docs/guide-quick-start/admingui_sysupgrade_keepsettings

jeff · July 23, 2019, 4:58pm

Looks like your easyrsa script is corrupt and/or outdated

Also, running key generation on a laptop/desktop can be a lot easier and faster.

aboaboit · July 23, 2019, 9:01pm

Yup. On a remote proxy I have, where I also installed openvpn for a friend living abroad, I wrote a memo to myself saying: "current version of openvpn-easy-rsa has completely changed directory layout, thus recreating config from scratch and carrying over keyfiles as needed". That was in feb.2018 and the "new" version was 3.0.1 (still on a GLi 15.05-based firmware).

Ianex · July 24, 2019, 8:40am

This helped, with some comments:
By doing as described I got some errors on install:

Configuring openvpn-easy-rsa.
Collected errors:

file_sha256sum_alloc: Failed to open file /etc/easy-rsa/openssl-1.0.cnf: No such file or directory.

file_sha256sum_alloc: Failed to open file /etc/easy-rsa/vars: No such file or directory.

But when after:

opkg remove openvpn-easy-rsa

and force install again it started to work.

Thank you!

system · August 3, 2019, 8:55am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.