On Wed, 08 Mar 2023 01:45:40 +0000, tincantech via Openvpn-users <openvpn-users@lists.sourceforge.net> wrote:
>Appears to be correct. So now I have finally attacked the existing easy-rsa dir by doing this: 1) Copied the whole dir to easyrsa3 and renamed the source dir to easyrsa2 2) Removed some old script files I had written and are no longer useful. 3) Copied in the easyrsa3 files retrieved via svn as described earlier and then moved the easyrsa script to ~/bin/ so as to put it on path. 4) Failed to edit the vars file! <== ! see below 5) Ran the command: EASYRSA_TEMP_DIR="$PWD" VERBOSE=1 easyrsa upgrade pki This failed luckily with these messages: cp: cannot stat '/home/bosse/openvpn/easy-rsa/keys/index.txt': No such file or directory and ERROR: Failed to copy /home/bosse/openvpn/easy-rsa/keys/index.txt to /home/bosse/openvpn/easyrsa3/pki Turns out that in the vars file was a directive: export EASY_RSA="/home/bosse/openvpn/easy-rsa" Which in this case after renaming easy-rsa to easyrsa2 was nowhere to be found. If this rename had not been the case then I guess easyrsa would have operated on the original v2 dir rather than the copy to be upgraded to v3. After I changed the export to the new dir the conversion went smoothly and clients with and without passwords created in the new dir could connect fine. So if a migration to version 3 is done on a *copy* of the version2 dir then it is important to edit the vars file in that dir to point it to the new dir. Using this instead would probably be better: export EASY_RSA="$PWD" -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
