You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have tried to use openvpn-ui on an existing openvpn setup and could view certificates and openvpn server basic stats through the Web UI.
However I am not able to create new certificates, neither renew the existing ones, since in my setup the ca.key is protected by a passphrase.
When I try creating a new certificate via the Web interface I get the following in the openvpn-ui log:
Notice
------
Private-Key and Public-Certificate-Request files created.
Your files are:
* req: /usr/share/easy-rsa/pki/reqs/Test.req
* key: /usr/share/easy-rsa/pki/private/Test.key
Using Easy-RSA 'vars' configuration:
* /usr/share/easy-rsa/pki/vars
Using SSL:
* openssl OpenSSL 3.3.1 4 Jun 2024 (Library: OpenSSL 3.3.1 4 Jun 2024)
Using configuration from /usr/share/easy-rsa/pki/openssl-easyrsa.cnf
Enter pass phrase for /usr/share/easy-rsa/pki/private/ca.key:
Could not find CA private key from /usr/share/easy-rsa/pki/private/ca.key
28AB4E5A657F0000:error:1400006B:UI routines:UI_process:processing error:crypto/ui/ui_lib.c:528:while reading strings
28AB4E5A657F0000:error:07880028:common libcrypto routines:do_ui_passphrase:UI lib:crypto/passphrase.c:181:
28AB4E5A657F0000:error:04800068:PEM routines:PEM_do_header:bad password read:crypto/pem/pem_lib.c:445:
Easy-RSA error:
easyrsa_openssl - Command has failed:
* openssl ca -utf8 -batch -in /usr/share/easy-rsa/pki/reqs/Test.req -out /usr/share/easy-rsa/pki/79c560fd/temp.3.1 -extfile /usr/share/easy-rsa/pki/79c560fd/temp.2.1 -days 3650
EasyRSA Version Information
Version: ~VER~
Generated: ~DATE~
SSL Lib: OpenSSL 3.3.1 4 Jun 2024 (Library: OpenSSL 3.3.1 4 Jun 2024)
Git Commit: ~GITHEAD~
Source Repo: https://github.com/OpenVPN/easy-rsa
Host: dev | nix | Linux | undefined
2024/08/27 08:39:33.085 [E] [certificates.go:213] exit status 1
2024/08/27 08:39:33.085 [E] [certificates.go:144] exit status 1
I am running the latest openvpn (d3vilh/openvpn-server:0.5.4) and openvpn-ui (d3vilh/openvpn-ui:0.9.5.5) Docker Images.
It would be great to have support of CA.key passphrases through the Web ui.
The text was updated successfully, but these errors were encountered:
Hello @d3vilh
first of all, thank you for the great project!
I have tried to use openvpn-ui on an existing openvpn setup and could view certificates and openvpn server basic stats through the Web UI.
However I am not able to create new certificates, neither renew the existing ones, since in my setup the ca.key is protected by a passphrase.
When I try creating a new certificate via the Web interface I get the following in the openvpn-ui log:
I am running the latest openvpn (d3vilh/openvpn-server:0.5.4) and openvpn-ui (d3vilh/openvpn-ui:0.9.5.5) Docker Images.
It would be great to have support of CA.key passphrases through the Web ui.
The text was updated successfully, but these errors were encountered: