OpenWrt Forum Archive

Topic: Problem on revamped OpenVPN Server HowTo (Streamlined)

The content of this topic has been archived on 24 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

My question is related to this page OpenVPN Server HowTo (Streamlined) wiki.openwrt.org/doc/howto/openvpn-stre … rver-setup

The revamp page said not to use easy-rsa but to use a downloaded version of openssl.cnf from github.

once I place the file in place, I test with the command openssl, which returns error

error:0E065068:lib(14):func(101):reason(104):NA:0:line 68

Anyone have an idea on how to properly follow the guide?

Also, anyone can teach me how to use the wiki to let the page modify person on this questions?

Thanks

(Last edited by enri1357 on 14 Nov 2016, 04:33)

I get the same error. It makes the Wiki page not very 'Streamlined' when it doesn't work haha!

I can get the openssl running when using the default openssl.cnf that is installed with the openssl-util into /etc/ssl/

root@lede:/etc/ssl# openssl
OpenSSL>

But when /etc/ssl/openssl.cnf is replaced with the github file

root@lede:/etc/ssl# openssl
2001903004:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68

Anyone who created the Wiki post able to chime in?

I'm using the following

Model    Meraki MR12
Firmware Version    LEDE Reboot SNAPSHOT r2524-aada15a

Thanks in advance

(Last edited by Presjar on 17 Dec 2016, 16:28)

I have fixed this error, please check the wiki page for details under the CRL Directory section.

This still seems to be an issue.  As of 8/25/2017, using the LEDE Reboot 17.01.2 on Linksys WRT-AC1900, I'm still getting this error when issuing the command to "Generate CA" I'm getting an error with openssl not found.

root@router:~# openssl req -x509 -new -sha512 -days 3650 -newkey rsa:4096 -keyout ca/OpenWrt-CA.key.pem -out ca/OpenWrt-CA.crt.pem -config ./openssl.cnf -extensions v3_
ca_openwrt
-ash: openssl: not found

I tried removing openvpn-openssl, restarted the router, and then reinstalling it with same issue.  Then, I tried installing openvpn-easy-rsa package and when issuing this same command, it still gave me:

root@router:/etc/ssl# openssl req -x509 -new -sha512 -days 3650 -newkey rsa:4096 -keyout ca/OpenWrt-CA.key.pem -out ca/OpenWrt-CA.crt.pem -config ./openssl.cnf -extensions v3_
ca_openwrt
3070166212:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68

Is the openvpn-openssl package not include openssl?

(Last edited by kelxon10995 on 26 Aug 2017, 15:06)

The discussion might have continued from here.