From owner-freebsd-questions@FreeBSD.ORG Fri Jan 21 02:11:06 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACBB216A4CE for ; Fri, 21 Jan 2005 02:11:06 +0000 (GMT) Received: from bmyster.com (loqtis.bmyster.com [66.55.195.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 16AA243D1D for ; Fri, 21 Jan 2005 02:11:06 +0000 (GMT) (envelope-from sgill@metrocast.net) Received: from [10.10.1.200] (d-65-175-251-66.metrocast.net [65.175.251.66]) by bmyster.com (8.12.11/8.12.11) with ESMTP id j0L2G82l041867 for ; Thu, 20 Jan 2005 21:16:12 -0500 (EST) Message-ID: <41F064BE.8060509@metrocast.net> Date: Thu, 20 Jan 2005 21:11:10 -0500 From: Shawn User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-questions@freebsd.org" Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: openvpn? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jan 2005 02:11:06 -0000 I have been attempting to get open vpn working on my freebsd 4.11 Alpha machine. SO Far I have done the following.. I did the make install for /usr/ports/security/openvpn/ Where is uses SSL Im trying to understand the config file for /etc/ssl/openssl.cnf After an attempted figure change I try to generate the keys.. I create a master certificate authority certificate/private-key *openssl req -nodes -new -x509 -keyout shawng-ca.key -out shawng-ca.crt -days 3650* Then create certificate/private-key pairs for both Home and Office: *openssl req -nodes -new -keyout office.key -out office.csr * Then this gives me a hard time.. *openssl ca -out office.crt -in office.csr * # openssl ca -out office.crt -in office.csr --> /This screams config file to me --> /Using configuration from /etc/ssl/openssl.cnf Error opening CA private key ./demoCA/private/cakey.pem 63975:error:0E06D06C:configuration file routines:NCONF_get_string:no value:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_lib.c:329:group=CA_default name=unique_subject 63975:error:02001002:system library:fopen:No such file or directory:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/bio/bss_file.c:276:fopen('./demoCA/private/cakey.pem','r') 63975:error:20074002:BIO routines:FILE_CTRL:system lib:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/bio/bss_file.c:278: unable to load CA private key Segmentation fault (core dumped) Im just having troubles understanding whats what in the config file ..