I'm working on setting up an openvpn server. I'm using the standard sources of debian jessie and easy-rsa as an CA.
Everything worked fine until I've tried to start openvpn via init script. When I'm running /etc/init.d/openvpn start
following error comes up in /var/log/daemon.log
Options error: --client-config-dir fails with "/etc/openvpn/easy-rsa/keys/crl.jail//etc/openvpn/server.ccd": No such file or directory
Has someone of you a idea where this mess with the paths comes from?
The directory what is set in the config file exists.
The server.conf file:
port 1194
proto udp
dev tun
comp-lzo
keepalive 10 120
persist-key
persist-tun
user nobody
group nogroup
chroot /etc/openvpn/easy-rsa/keys/crl.jail
crl-verify crl.pem
ca /etc/openvpn/easy-rsa/keys/ca.crt
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
key /etc/openvpn/easy-rsa/keys/server.key
cert /etc/openvpn/easy-rsa/keys/server.crt
ifconfig-pool-persist /var/lib/openvpn/server.ipp
client-config-dir /etc/openvpn/server.ccd
status /var/log/openvpn/server.log
verb 4
# virtual subnet unique for openvpn to draw client addresses from
# the server will be configured with x.x.x.1
# important: must not be used on your network
server 10.254.1.0 255.255.255.0
# push routes to clients to allow them to reach private subnets
push "route 10.0.0.0 255.0.0.0"
THX for your help.
Best Answer
It seems that the directory doesn't exist, you could try making it with
Although I would probably just use
and adjust the config appropriately.
Update:
That is key to solving your problem.