Openvpn Error Number 2
Contents |
Defect (wontfix) easy-rsa: failed to update database > TXT_DB error number 2 Reported by: SiB Owned by: ecrist Priority: major Milestone: Component: easy-rsa Version: 2.2.2 Severity: Not set (if unsure, select this one) Keywords: Cc: Description Hello, txt_db error number 2 openssl OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Windows openssl unique_subject XP 32bit, Windows 7 32bit, Windows 7 64bit I try create a certs using included "easy-rsa", I do all unique_subject = no correct with README.txt and OpenVPN.org>HOWTO. Three bat scripts create a something in index.txt who generate errors. I attach one process who show the problem as perfect as I can do it.
Openssl Revoke
When I do official Howto way, I receive error: rem sign the cert request with our ca, creating a cert/key pair openssl ca -days 3650 -out c:\PROGRA~2\OpenVPN\easy-rsa\keys\client1.crt -in c:\PROGRA~2\OpenVPN\easy-rsa\key \client1.csr -config openssl-1.0.0.cnf ... Certificate is to be certified until Oct 5 21:19:18 2022 GMT (3650 days) Sign the certificate? [y/n]:y failed to update database TXT_DB error number 2 To solve this I openssl revoke certificate without file must do "echo. 2>keys\index.txt" to do empty file every I use one of them: build-key.bat, build-key-server.bat, revoke-full.bat . I understand it's not good method - I cannot what problems I do by this then write this case. Please correct this easy-rsa scripts. Best Regards Marcin Przysowa Attachments (1) bug_gen_cert.txt (4.8 KB) - added by SiB 4 years ago. my todo to show the error. Download all attachments as: .zip Oldest first Newest first Threaded Comments only Change History (7) Changed 4 years ago by SiB Attachment bug_gen_cert.txt added my todo to show the error. comment:1 Changed 4 years ago by SiB I still think that README.txt have error. In README.txt haven't any WARNING that easy-rsa are working good ONLY when you input (for ALL CLIENT certification (build-key.bat)) DIFFERENT Common Name! value for each build client cert. I found not solution but workaround this situation by adding this: echo unique_subject = no >%d%\index.txt.attr at the end of 'clean-all.bat'. Now, clean-all.bat create a file index.txt.attr with information about Common Name can be repeat (no unique) and now I can working with this easy-rsa addon. Please
21:14 Tags: OpenVPN, Roadwarrior. While signing a certificate for a new OpenVPN user, I received the following error message which easy-rsa revoke certificate stops the whole process (exit code 1) Certificate is to be certified
Unique_subject = No Openssl
until Nov 6 08:53:05 2023 GMT (3650 days) Sign the certificate? [y/n]:y failed to update database TXT_DB
Openssl Delete Certificate From Database
error number 2 Problem: Because you have generated your own self signed certificate with the same CN (Common Name) information that the CA certificate that you've generated before. Enter https://community.openvpn.net/openvpn/ticket/229 another Common Name. 6 Responses to "TXT_DB error number 2 failed to update database" Feed for this Entry Trackback Address Yonni June 29, 2016 at 08:57 Thanks! Worked ieio May 27, 2016 at 11:38 In case you need to sign two certificate with the same CM you can modify your database attr with unique_subject = no Manoj http://zeldor.biz/2013/11/txt_db-error-number-2-failed-to-update-database/ March 28, 2016 at 14:33 Work for me!! vikas027 March 6, 2016 at 15:38 I just manually deleted the entry from the index.txt file and it worked for me. t123yh September 30, 2015 at 12:37 Great. sham March 9, 2014 at 17:05 Solved my issue. « Upgrading Fedora to Schrodinger’s Cat v.19 Remote Mirroring with nc and dd » Leave a Reply Cancel Reply Name (required) Mail (will not be published) (required) Website « Upgrading Fedora to Schrodinger’s Cat v.19 Remote Mirroring with nc and dd » Search Search for: Categories Apple Bash Books Cisco Debian DIY FTP Fun HTTP IPv6 Kernel Linux Mac OS X Macroeconomic Mailing Mobile Monitoring MySQL Networking Nmap OpenVPN Programming Python Ruby Tcpdump Ubuntu Virtualization Windows Archives July 2015 December 2014 July 2014 March 2014 January 2014 December 2013 November 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 May 2012 March 2012 February 2012 Janua
linuxsetup71.html , and linuxsetup54.html for more details. Step 1 - Create a certificate In this example, we http://randombio.com/linuxsetup121.html will create a certificate for our good friend Froos Waxbiffel, whose login name is froos. The name of our hypothetical server is "diarrhea." We will be using a package called easy-rsa. The first step is to source all the environment variables it needs. cd vpn/openvpn-2.0.2/easy-rsa diarrhea:/home/tjnelson/vpn/openvpn-2.0.2/easy-rsa$ . vars NOTE: when you run ./clean-all, I will be error number doing a rm -rf on /home/tjnelson/vpn/openvpn-2.0.2/easy-rsa/keys Next run build-key, accepting all the default parameters. These were specified when the CA was created. Only the Common Name needs to be entered. diarrhea:/home/tjnelson/vpn/openvpn-2.0.2/easy-rsa$ ./build-key froos Generating a 1024 bit RSA private key .................................................................++++++ ........++++++ writing new private key to 'froos.key' ----- You are about to be asked error number 2 to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [US]: State or Province Name (full name) [MD]: Locality Name (eg, city) [ROCKVILLE]: Organization Name (eg, company) [BURPI]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:diarrhea Email Address [tjnelson@diarrhea-gots-us.com]: It then asks for a challenge password. If you enter a password here, the user will be required to type it every time they log in. So we usually will leave it blank. Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from /home/tjnelson/vpn/openvpn-2.0.2/easy-rsa/openssl.cnf DEBUG[load_index]: unique_subject = "yes" Ch