lkeijser / stonevpn Goto Github PK
View Code? Open in Web Editor NEWEasy OpenVPN certificate and configuration management
License: GNU General Public License v2.0
Easy OpenVPN certificate and configuration management
License: GNU General Public License v2.0
When trying to generate new certificates with stonevpn, I receive this traceback:
[root@rioja ~]# stonevpn -f lilypad -n lilypad
Creating lilypad.key and lilypad.crt for lilypad
Traceback (most recent call last):
File "/usr/bin/stonevpn", line 18, in <module>
sys.exit(app.main() or 0)
File "/usr/lib/python2.6/site-packages/StoneVPN/app.py", line 226, in main
s.run()
File "/usr/lib/python2.6/site-packages/StoneVPN/app.py", line 330, in run
self.makeCert( self.fname, self.cname )
File "/usr/lib/python2.6/site-packages/StoneVPN/app.py", line 680, in makeCert
req = self.createCertRequest(pkey, CN=cname, C=countryName, ST=stateOrProvinceName, O=organizationName, OU=organizationalUnitName)
File "/usr/lib/python2.6/site-packages/StoneVPN/app.py", line 533, in createCertRequest
setattr(subj, key, value)
OpenSSL.crypto.Error: [('asn1 encoding routines', 'ASN1_mbstring_ncopy', 'string too short')]
Any ideas?
Executing stonevpn -a lists existing certificates just fine.
stonevpn 0.4.7 on Fedora 12 (x86_64)
Hi,
Just wonder if you have any plan to includ the code of expanding the $ENV:<env_name> variables while parsing the openssl.cnf file? This seem to be a standard openssl.cnf format and a lot of application using this format, including the easy-rsa that are recommended by a lot of OpenVPN's how-to document.
rgds.
Hi,
don't know if because of the latest Android versions (tested with 7 and 8), or because of new OpenVPN client versions for Android, I had problems importing the configuration files and the certificates with Android OpenVPN client. There was no way to let the app find the related certificate files.
I was able to manually hack the configuration file and embed all the certificates in the configuration file itself, by using a syntax like .... .
Refs:
It would be great if StoneVPN could manage that syntax as well.
File "/usr/local/bin/stonevpn", line 17, in
import StoneVPN.app as app
File "/home/andre/projects/stonevpn/StoneVPN/app.py", line 40, in
from configobj import ConfigObj
ImportError: No module named configobj
Ubuntu 11.10
As you can see in https://www.centos.org/forums/viewtopic.php?f=50&t=47210 md5 support has been removed as it's no longer regarded as secure (even by Microsoft).
The certs generated by stonevpn can no longer be used to connect to the openvpn server on CentOS 7.x (6.x is OK).
It works if I modify /etc/systemd/system/[email protected] file by adding:
[Service]
Environment="OPENSSL_ENABLE_MD5_VERIFY=1 NSS_HASH_ALG_SUPPORT=+MD5"
I see there is digest="md5" in a few places in /lib/python2.7/site-packages/StoneVPN/app.py. What can I use instead of "md5" here?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.