thanks for Stuart your deep knowlege . i try easy-rsa on snapsots & ports , but it is not matured . i wait some time to expect its maturing reading https://openvpn.net/index.php/access-server/docs/quick-start-guide.html . ----- regards
2015-12-15 17:36 GMT+09:00 Stuart Henderson <s...@spacehopper.org>: > On 2015-12-14, Tuyosi Takesima <nakajin.fu...@gmail.com> wrote: > > Hi all . > > about openvpn ,i follow http://www.kernel-panic.it/openbsd/vpn/vpn4.html > > > > cp openssl-0.9.6.cnf openssl.cnf > > > > and > > when # ./pkitool > > easy-rsa is broken in 5.8 release. If you fetch a -stable ports tree > from cvs and update easy-rsa you can get a version which has a workaround. > > > --initca > > then > > Using CA Common Name: changeme > > error on line 39 of /usr/local/share/easy-rsa/openssl.cnf > > 6496586334084:error:0E065068:configuration file > routines:STR_COPY:variable > > has no > > > value:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/conf/conf_def.c:573:line > > 39 > > > > > > line 39 of /usr/local/share/easy-rsa/openssl.cnf > > is > > 39 dir = $ENV::KEY_DIR # Where everything is kept > > This is the config file passed to the openssl(1) tool, /usr/bin/openssl > (which is LibreSSL in OpenBSD). It's using this syntax to try and pass in > a variable via the process environment. You might think that the config > parser for this is in the tool itself, but actually it's in the library(!). > Changing library behaviour based on environment variables is considered > dangerous in some cases, so it's been removed from LibreSSL.
