Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I have a tricky problem and would appreciate any help i can get.
I have a OpenVPN structure based on PKI, i generate the certificates with the tools that come with OpenVPN(easy-rsa).
I have created a few clientcerts and a couple server certs and everything works fine.
Now to the problem. When i tried to create a new client certificate today with the ./build-key <name> command i get this:
Please edit the vars script to reflect your configuration,
then source it with "source ./vars".
Next, to start with a fresh PKI configuration and to delete any
previous certificates and keys, run "./clean-all".
Finally, you can run this tool (pkitool) to build certificates/keys.
This is what i would get if i was doing this the first time and creating a new rootcert and so on. This is not what i want to do, if i create a new rootcert i must recreate all my server and clientcerts wich would be a real pain.
What could cause this behavior, the only thing i could think of that has changed is that the CA is located on a virtual machine and i moved it to another folder on the vmware host.
My Questions are. Have all settings been reset somehow? What caused this(so i can avoid it in the future)? And can i solve it somehow so i dont have to recreate all my certs ?
Hope this is understandable, please ask if its unclear.
If anyone have a solution for this or can point me in the right direction i would be very thankful!
i'm not familiar with OpenVPN(easy-rsa) regarding CA and keys but i've seen problems with other distributions/versions that had relative paths in openssl configuration file(s) which caused problems if you did not run the key-gen scripts in the correct directory you'd encounter similar problems...
I made it a habit to set static path(s) in appropriate config file(s) so that i could run the commands/scripts from anywhere and the correct files would be found. for example, an openssl.cnf will typically define dir = . but I'd modify it to be dir = /etc/pki/CA/ (or wherever).