How do I create extra users for openvpn?

Red Squirrel · 02-11-2009, 04:37 PM

I'm trying to add a 2nd vpn user but it wants me to redo the entire CA, which would render the other user's non usable. Is there a way around this?

Code:

[root@extvpnsrv easy-rsa]# ./build-key-pass user2
Please edit the vars script to reflect your configuration,
then source it with "source ./vars".
Next, to start with a fresh PKI configuration and to delete any
previous certificates and keys, run "./clean-all".
Finally, you can run this tool (pkitool) to build certificates/keys.

This I did already when I first setup but now it wants to do it again? Why?

brenan99 · 02-14-2009, 12:32 AM

Did you create and sign the first client's cert and then come back later in a different terminal? If so, just re-reun source ./vars because your settings were lost.

If that doesn't fix it, IIRC I might have run into a similar problem the other day on linux where I sourced that ./vars file but it still complained. I was messing around with openvpn today on solaris and instead of doing a source ./vars I did a . ./vars which I can't remember if I did or not on the linux box to fix the problem. Worth a try tho I guess. Good luck.

Red Squirrel · 02-14-2009, 12:46 AM

Won't that command reset the CA making all other certs invalid though? That's my problem, I don't want to invalidate the existing users.

adrianlarsson · 03-09-2009, 08:12 PM

anyone figure this out? i already have about 10 users with the CA and their own keys, i cant just redo them all

lth0721 · 03-10-2009, 09:24 PM

you can try it like below, I added clients like this.

cd easy-rsa
. ./vars
./build-key user2