Hello listmates, I've got this Centos 5.5 box which I am trying to configure as an OpenVPN server. Now 2.1.4 seems to have added pkcs11 support and that stops me from creating the CA and other necessary files: [root at gw5fl 2.0]# . ./vars bash: /usr/share/doc/openvpn-2.1.4/easy-rsa/2.0/whichopensslcnf: Permission denied NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/share/doc/openvpn-2.1.4/easy-rsa/2.0/keys [root at gw5fl 2.0]# ./clean-all [root at gw5fl 2.0]# ./build-ca Please edit the vars script to reflect your configuration, then source it with "source ./vars". Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run "./clean-all". Finally, you can run this tool (pkitool) to build certificates/keys. [root at gw5fl 2.0]# Now, the tool I seem to need (from the "vars" file): export PKCS11TOOL="pkcs11-tool" does not seem to be there and I am not sure how to install it as I couldn't find it. So, any perspective on what this mess is all about and how to get out of it would be much appreciated. Thanks. Boris.
>[root at gw5fl 2.0]# . ./vars >bash: /usr/share/doc/openvpn-2.1.4/easy-rsa/2.0/whichopensslcnf: >Permission deniedSee that error above? Make that script executable... It's a bash script `vars` is calling and not able to execute.
Boris, Are you using bash? Try this: /bin/bash . ./vars -- Peter On 01/20/2011 08:28 AM, Boris Epstein wrote:> Hello listmates, > > I've got this Centos 5.5 box which I am trying to configure as an > OpenVPN server. Now 2.1.4 seems to have added pkcs11 support and that > stops me from creating the CA and other necessary files: > > > [root at gw5fl 2.0]# . ./vars > bash: /usr/share/doc/openvpn-2.1.4/easy-rsa/2.0/whichopensslcnf: > Permission denied > NOTE: If you run ./clean-all, I will be doing a rm -rf on > /usr/share/doc/openvpn-2.1.4/easy-rsa/2.0/keys > [root at gw5fl 2.0]# ./clean-all > [root at gw5fl 2.0]# ./build-ca > Please edit the vars script to reflect your configuration, > then source it with "source ./vars". > Next, to start with a fresh PKI configuration and to delete any > previous certificates and keys, run "./clean-all". > Finally, you can run this tool (pkitool) to build certificates/keys. > [root at gw5fl 2.0]# > > Now, the tool I seem to need (from the "vars" file): > > export PKCS11TOOL="pkcs11-tool" > > does not seem to be there and I am not sure how to install it as I > couldn't find it. > > So, any perspective on what this mess is all about and how to get out > of it would be much appreciated. > > Thanks. > > Boris. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
Seemingly Similar Threads
- pkcs11-helper-devel is needed
- DEFAULT_PKCS11_WHITELIST on 64-bit Linux systems
- [Bug 3561] New: Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11
- [Bug 2652] New: PKCS11 login skipped if login required and no pin set
- RFE: OpenSSH Support for PKCS11 Funneling to PAM for Kerberos/PKINIT