Have the instructions been tested?
Keep getting errors (certificates invalid,, etc.), server key is not copied to /etc/openvpn, .. please test again, and fix the edits when needed. Because at the moment it's not possible to setup OpenVPN. Francoism (talk) 13:09, 28 August 2016 (UTC)
- Yes, they have been tested. I cannot reproduce either of the comments you wrote in your accuracy flags this following these steps from start to finish creating the ovpn file. Suggest you try again. Graysky (talk) 17:01, 28 August 2016 (UTC)
- Hi Graysky, finally found time to start over, turns out your Francoism (talk) 21:06, 17 October 2016 (UTC) AUR and other generators I tried, don't copy the CA-certificate (yeah, should have check this). Maybe this happens because of permission issues. Is it helpful to add this as a note (e.g. what tags should (not) be empty?) Thanks.
- Don't know for sure to be honest, thought under root. But if this should work fine, it is an issue at my end. The command was executed correctly, didn't receive any error. Is it possible security tools block access (like AppArmor) and just return an empty file instead? Thanks Francoism (talk) 09:00, 18 October 2016 (UTC)
Rewrited page untested and didnt work.
- Reverted the edits, they didn't respect ArchWiki:Contributing#Do_not_make_complex_edits_at_once either. Old revision in case someone wants to take a closer look: diff, revision -- Alad (talk) 10:50, 8 November 2016 (UTC)
- Copy-paste from https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto --Althathwe (talk) 11:21, 8 November 2016 (UTC)
- I am sorry for making a complex edit at once. It did feel intrusive, but I did it nonetheless. It did not adhere to ArchWiki:Contributing#Do_not_make_complex_edits_at_once, so that was a mistake.
- The current state of this article highly complex and hard to understand, in my opinion. It is actually not helping, it's easier to follow upstream docs. It does not explain complex subjects like PKI, CA and CSR.
- Easy-RSA commands should not be executed as root. I find it a terrible idea. You could just as well execute the commands as a non-privileged user and transfer the generated files to
/etc/easy-rsa. I expect the user to make that decision for herself.
- Overall, I would like this article to be simpler and be more The Arch Way. How do we proceed to do that?
- Aude (talk) 12:55, 8 November 2016 (UTC)
- Easy-RSA commands should be executed as root and in /etc/easy-rsa:
[user@v-arch-1 ~]$ easyrsa init-pki WARNING: can't open config file: /home/user/openssl-1.0.cnf Easy-RSA error: The OpenSSL config file cannot be found. Expected location: /home/user/openssl-1.0.cnf [user@v-arch-1 easy-rsa]$ easyrsa init-pki mkdir: cannot create directory ‘/etc/easy-rsa/pki’: Permission denied Easy-RSA error: Failed to create PKI file structure (permissions?)