Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 10 May 2011 15:02:13 -0700
From:      Chuck Swiger <cswiger@mac.com>
To:        Bill Tillman <btillman99@yahoo.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OpenVPN Setup
Message-ID:  <B00CE6DE-5D7E-49C3-86FA-20D4D66B7B0E@mac.com>
In-Reply-To: <947562.11016.qm@web36501.mail.mud.yahoo.com>
References:  <4DC97839.6010108@mage.hu> <BANLkTi=1GiVgq4Uzd=yuAXpym59gPAzmyg@mail.gmail.com> <4DC982B2.6090303@mage.hu> <BANLkTik8Lu35DpHaGFiaVbB4tFgVe-uYAw@mail.gmail.com> <4DC98B05.7080503@mage.hu> <20110510221009.49a1c6ea@ukr.net> <180587.39161.qm@web36506.mail.mud.yahoo.com> <D78D1894-7B30-4C55-A6A1-91C725C5DB88@mac.com> <947562.11016.qm@web36501.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On May 10, 2011, at 2:50 PM, Bill Tillman wrote:
>> OpenVPN's site provides fine documentation:
>>=20
>>   http://openvpn.net/index.php/open-source/documentation.html
>>   =
http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-st=
atic-key-mini-howto.html
[ ... ]
> I'm working through the docs you referenced in the HOWTO and it says:
> Next, initialize the PKI. On Linux/BSD/Unix:
>=20
> . ./vars
> ./clean-all
> ./build-ca

If you're trying to setup a CA for PKI, then you're not following the =
static key document:

"Static Key Mini-HOWTO

Introduction

Static key configurations offer the simplest setup, and are ideal for =
point-to-point VPNs or proof-of-concept testing.

Static Key advantages

	=95 Simple Setup
	=95 No X509 PKI (Public Key Infrastructure) to maintain"

> the vars file is not executable and from what I see in the Makefile =
they want to chmod it to 644....I tried /bin/sh ./vars and it seemed to =
work but then when I run ./clean-all which is executable I get
> Please source the vars script first (i.e. ". ./vars")

Yes.  The directions assume you are running /bin/sh (or =
Bourne-compatible shells bash, ksh, zsh, etc).

Do that, and ". ./vars" will work.  Running "/bin/sh ./vars" also works, =
but is useless because it changes the variables in a subshell which =
exits once it finishes processing the ./vars file.

> Make sure you have edited it to reflect your configuration.
> I'm stumped as this appears to be something Linux will handle but not =
FreeBSD....any suggestions?

Yes, follow the directions.  OpenVPN works fine on FreeBSD.

Regards,
--=20
-Chuck

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B00CE6DE-5D7E-49C3-86FA-20D4D66B7B0E>