I can't connect to my Easy-RSA VPN server. I can connect using SSH; in the logfiles I read "error=CRL has expired". So, according to instructions found using Google I should run
./easyrsa gen-crl
Which gives the error:
Easy-RSA error:
Missing expected CA file: ca.crt (perhaps you need to run build-ca?)
Run easyrsa without commands for usage and command help.
The ca.crt file is located in /etc/openvpn/ca.crt. Where should I put it so I can run the gen-crl command succesfully.
Best Answer
Your ca.crt should reside in ./pki and ca.key in ./pki/private relative to easyrsa script so you should copy or symlink these two files into these directories.