This happens on an updated easyrsa3 installation (see other thread for details).
--------------------------------------------
(previously existing client)
$ easyrsa show-cert BrittisUbu
Showing cert details for: 'BrittisUbu'
This file is stored at:
* /home/bosse/openvpn/easyrsa3/pki/issued/BrittisUbu.crt
Certificate:
Data:
<snip>
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:BrittisUbu
-------------------------------------------
But when I try this I receive an error:
$ easyrsa show-expire BrittisUbu
* Using Easy-RSA configuration: /home/bosse/openvpn/easyrsa3/pki/vars
* Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
WARNING
=======
Untrapped error detected!
--------------------------------------------
Next when I try with a client created after the update (no password on this):
$ easyrsa show-expire TestClientNP
* Using Easy-RSA configuration: /home/bosse/openvpn/easyrsa3/pki/vars
* Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
--------------------------------------------
And when I try with a new client *with* a password:
$ easyrsa show-expire TestClientPW
* Using Easy-RSA configuration: /home/bosse/openvpn/easyrsa3/pki/vars
* Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
WARNING
=======
Untrapped error detected!
--------------------------------------------
Using easyrsa show-cert ClientName does show the cert (see start of post)
If I use this directly it correctly shows the expiration dates for all certs:
openssl x509 -dates -noout -in $CERT
(when $CERT is any of the above)
(Must be executed inside the directory holding the crt files i.e. pki/issued)
What have I missed now?
I thought it would show when the cert is due to expire, but maybe not?
--
Bo Berglund
Developer in Sweden
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
