OpenVPN : server unable to build certificates

Artica se doit de gérer aussi le VPN, ici toutes les discussions concernant l'administration du serveur OpenVPN

OpenVPN : server unable to build certificates

New postby ccabaret » Mon Jun 15, 2009 12:44 pm

Une fois OpenVPN configuré, j'ai ce message :
Starting......: OpenVPN server unable to build certificates
/bin/chmod 0600 /etc/artica-postfix/openvpn/keys/* >/tmp/artica-install-04fb3ebde2ff332b1c589250ba0f2641 2>&1
Starting......: OpenVPN dh1024.pem OK
Starting......: OpenVPN SRV-MAIL-FS.crt OK
Starting......: OpenVPN SRV-MAIL-FS.csr OK
Starting......: OpenVPN serial OK
Starting......: OpenVPN index.txt OK
Starting......: OpenVPN ca.key OK
/bin/chmod 777 /etc/artica-postfix/openvpn/vars >/tmp/artica-install-e5c8fd7b01d4054ece3a2353410ae43d 2>&1
export KEY_EMAIL="cedric.cabaret@zenngo.com" >/tmp/artica-install-167c0ca182483245d512d85ecd733366 2>&1
export KEY_ORG="zenngo" >/tmp/artica-install-2be7d069054ebbcececc5dc8b99c2223 2>&1
export KEY_CITY="Nantes" >/tmp/artica-install-fc80dcd7cae93282c7761f81cac6db86 2>&1
export KEY_PROVINCE="Loire Atlantique" >/tmp/artica-install-72b57160e3b4181d3c1ab0dcc2827d5e 2>&1
export KEY_COUNTRY="FR" >/tmp/artica-install-58700d5b22b41e1c7b00c48908762354 2>&1
export KEY_EXPIRE=3650 >/tmp/artica-install-af586be17808361f30cc9e80a64bcc5f 2>&1
export CA_EXPIRE=3650 >/tmp/artica-install-a1066679de9a2bb5b797c2fca0b821c5 2>&1
export KEY_SIZE=1024 >/tmp/artica-install-20f8f42c7029fa7098914e4bb3391e22 2>&1
export PKCS11_PIN="dummy" >/tmp/artica-install-8a937d171bdca1a0670866f0df6b2799 2>&1
export PKCS11_MODULE_PATH="dummy" >/tmp/artica-install-38c163a03e0183d04c783567108efd1e 2>&1
export KEY_DIR="$EASY_RSA/keys" >/tmp/artica-install-8bd9862e6dff77fe1b54e4dc3872653d 2>&1
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` >/tmp/artica-install-76cc9f7b81afe3c9a6032733ba086845 2>&1
export GREP="grep" >/tmp/artica-install-73f2ae5cd6cfc35dce2a2de2a3b93015 2>&1
a4f1e347ee8cb240acafe 2>&1
export PKCS11TOOL="pkcs11-tool" >/tmp/artica-install-ff59797248d/bin/sh: /whichopensslcnf: No such file or directory
export OPENSSL="openssl" >/tmp/artica-install-12befc18b2a19b5bdfec8541d3dd1bd1 2>&1
export EASY_RSA="`pwd`" >/tmp/artica-install-c7b34fbdd208c4ec244b89d5683a4b90 2>&1
Starting......: OpenVPN IP Forwarding is enabled
found 1
loading /tmp/ip_forward
Starting......: OpenVPN server config.: /etc/openvpn/server.conf
Starting......: OpenVPN version.......: 2.1_rc11...
Starting......: OpenVPN ressources....: /usr/share/doc/openvpn/examples/easy-rsa/2.0...
Starting......: OpenVPN tunnel type...: tun...
/bin/cp /etc/artica-postfix/settings/Daemons/ArticaOpenVPNServerSettings /etc/openvpn/server.conf >/tmp/artica-install-f7ba5cfe3cb3618cacc432b2aea26d39 2>&1

Lorsque je regarde dans /etc/artica-postfix/openvpn/keys
01.pem dh1024.pem index.txt.old SRV-MAIL-FS.crt
ca.crt index.txt serial SRV-MAIL-FS.csr
ca.key index.txt.attr serial.old SRV-MAIL-FS.key
ccabaret
 
Posts: 16
Joined: Wed Aug 06, 2008 2:25 pm
Location: NANTES

Re: OpenVPN : server unable to build certificates

New postby admin » Mon Jun 15, 2009 1:09 pm

hum...décidémment, j'ai pas de chances avec vous... ;)
que dit la commande

Code: Select all
/usr/share/artica-postfix/bin/artica-install --openvpn-build-certificate --verbose
User avatar
admin
Site Admin
 
Posts: 11941
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: OpenVPN : server unable to build certificates

New postby ccabaret » Mon Jun 15, 2009 1:14 pm

Effectivement ... C'est ce que l'on appelle "tester" en profondeur :lol:
srv-mail-fs:~# /usr/share/artica-postfix/bin/artica-install --openvpn-build-certificate --verbose
export EASY_RSA="`pwd`" >/tmp/artica-install-039402bf0e4f47981fb700a011219ca2 2>&1
export OPENSSL="openssl" >/tmp/artica-install-929b2cf3b78d669ff9625499746f69d8 2>&1
export PKCS11TOOL="pkcs11-tool" >/tmp/artica-install-2eafdf39a5b47388b24661487f7113dc 2>&1
export GREP="grep" >/tmp/artica-install-ad3430fdd2e1bcc2b8674be1864ec0aa 2>&1
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` >/tmp/artica-install-bbde490c2ed61e5d920e093a5aa2daaa 2>&1
/bin/sh: /whichopensslcnf: Aucun fichier ou répertoire de ce type
export KEY_DIR="$EASY_RSA/keys" >/tmp/artica-install-2a63e702b8d5767a4cdfe3af05c0fbcd 2>&1
export PKCS11_MODULE_PATH="dummy" >/tmp/artica-install-3b88f00d7bdb40f369622732856b0c53 2>&1
export PKCS11_PIN="dummy" >/tmp/artica-install-5ae68ddb03ada561a4ba7636675b2565 2>&1
export KEY_SIZE=1024 >/tmp/artica-install-0fe44387a2ef097e0476a49b0a04b476 2>&1
export CA_EXPIRE=3650 >/tmp/artica-install-d06a75b6f616d401b62e3536d10e5c64 2>&1
export KEY_EXPIRE=3650 >/tmp/artica-install-1b83bd73c35b96c3ad5d323e8ff7d401 2>&1
export KEY_COUNTRY="FR" >/tmp/artica-install-da4357c78254f6aa5b6a7116efcc2711 2>&1
export KEY_PROVINCE="Loire Atlantique" >/tmp/artica-install-38950052e53d2b593bff6f249ff59315 2>&1
export KEY_CITY="Nantes" >/tmp/artica-install-04689080440a300b46708f90644c4bc9 2>&1
export KEY_ORG="zenngo" >/tmp/artica-install-422da337347b2c3a8a5d9c38f1768301 2>&1
export KEY_EMAIL="cedric.cabaret@zenngo.com" >/tmp/artica-install-00b02c40fed9f2b832f05d4ba39ca880 2>&1
/bin/chmod 777 /etc/artica-postfix/openvpn/vars >/tmp/artica-install-c70a9118feaf382d6178a14aec82ac0d 2>&1
Starting......: OpenVPN ca.key OK
Starting......: OpenVPN ca.key OK
Starting......: OpenVPN index.txt OK
Starting......: OpenVPN index.txt OK
Starting......: OpenVPN serial OK
Starting......: OpenVPN serial OK
Starting......: OpenVPN SRV-MAIL-FS.csr OK
Starting......: OpenVPN SRV-MAIL-FS.csr OK
Starting......: OpenVPN SRV-MAIL-FS.crt OK
Starting......: OpenVPN SRV-MAIL-FS.crt OK
Starting......: OpenVPN dh1024.pem OK
Starting......: OpenVPN dh1024.pem OK
/bin/chmod 0600 /etc/artica-postfix/openvpn/keys/* >/tmp/artica-install-cfebfb0a7b1d119972a9e73d4f2488ba 2>&1
ccabaret
 
Posts: 16
Joined: Wed Aug 06, 2008 2:25 pm
Location: NANTES

Re: OpenVPN : server unable to build certificates

New postby admin » Mon Jun 15, 2009 1:17 pm

normalement, le serveur VPN devrait fonctionner
User avatar
admin
Site Admin
 
Posts: 11941
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: OpenVPN : server unable to build certificates

New postby ccabaret » Mon Jun 15, 2009 1:18 pm

Malheureusement non :
open1.jpg
open1.jpg (5.54 KiB) Viewed 6700 times

open2.jpg
open2.jpg (66.56 KiB) Viewed 6700 times
ccabaret
 
Posts: 16
Joined: Wed Aug 06, 2008 2:25 pm
Location: NANTES

Re: OpenVPN : server unable to build certificates

New postby admin » Mon Jun 15, 2009 3:22 pm

Il va falloir que je réplique votre config, quelle distribution utilisez-vous ?
User avatar
admin
Site Admin
 
Posts: 11941
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: OpenVPN : server unable to build certificates

New postby ccabaret » Mon Jun 15, 2009 5:20 pm

Debian Lenny kernel 2.6.26-2-686 et Artica v 1.3.061501
ccabaret
 
Posts: 16
Joined: Wed Aug 06, 2008 2:25 pm
Location: NANTES

Re: OpenVPN : server unable to build certificates

New postby admin » Mon Jun 15, 2009 5:25 pm

OK je monte le banc test
User avatar
admin
Site Admin
 
Posts: 11941
Joined: Wed Oct 17, 2007 7:59 am
Location: France


Return to OpenVPN

Who is online

Users browsing this forum: No registered users and 1 guest

cron