OpenVpn Server certs generation problem


I'm trying to install a Openvpn server on my router TP-Link TL-WDR4300 v1 running Lede 17.01.2.
I'm following this guide
but after install step, on "source vars" i have this errors:

2001169592:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68
2010500280:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68
1999580344:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68
  No /etc/easy-rsa/openssl.cnf file could be found
  Further invocations will fail
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/easy-rsa/keys

Then i've created a symlink to openssl-1.0.0.cnf but the first 3 errors are still there.

The openssl.cnf e vars file are unmodified.

# easy-rsa parameter settings

# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.

# This variable should point to
# the top level of the easy-rsa
# tree.
export EASY_RSA="/etc/easy-rsa"

# This variable should point to
# the requested executables
export OPENSSL="openssl"
export PKCS11TOOL="pkcs11-tool"
export GREP="grep"

# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`

# Edit this variable to point to
# your soon-to-be-created key
# directory.
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR="$EASY_RSA/keys"

# Issue rm -rf warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR

# PKCS11 fixes
export PKCS11_MODULE_PATH="dummy"
export PKCS11_PIN="dummy"

# Increase this to 2048 if you
# are paranoid.  This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=2048

# In how many days should the root CA key expire?
export KEY_EXPIRE=3650

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_CITY="SanFrancisco"
export KEY_ORG="Fort-Funston"
export KEY_EMAIL="me@myhost.mydomain"
export KEY_OU="MyOrganizationalUnit"

# X509 Subject Field
export KEY_NAME="EasyRSA"

# PKCS11 Smart Card
# export PKCS11_MODULE_PATH="/usr/lib/"
# export PKCS11_PIN=1234

# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
# export KEY_CN="CommonName"

Help a newbie :sweat:

I think the problem is the openssl package,
if i run openssl version
1996680376:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68

it was my fault

The problem was an old and wrong openssl.cnf in the folder /etc/ssl

Could you please tell me the fix for this problem

as said the problem was an old and wrong openssl.cnf in the folder /etc/ssl. I've just deleted it

If your problem is solved, please consider marking this topic as [Solved]. (Click the pencil behind the topic...)