when i try to add a new n2n vpn connection i get a error from openssl 256
The file /var/log/httpd/error_log has this error
ERROR:Serial number 0E has already been issued,
check the database/serial_file for corruption
The matching entry has the following details
Was revoked on:290204231155Z
Expires on :290204231155Z
Serial Number :0E
File name :unknown
Subject Name :/C=AF/O=trudel.trex-tec.de/CN=INGSRV1
Encryption is AES-CBC and Has: SHA2 512 Bit
I checked google and the community but i cant find any solution.
can you please give me an information how i can handle this problem
Hi, below you have a link that may help:
Also look in the index.txt file.
The path to the above files in IPFire:
Below are the contents of the files in the new system
Below are the contents of the files after generating root/host certificates.
Below are the contents of the files after adding the N2N test connection.
Completion of information about index.txt file
The index.txt file is an ascii file consisting of 6 (not 4) tab-separated
fields. Some of those fields may be empty and might appear not to exist at
The 6 fields are:
- Entry type. May be “V” (valid), “R” (revoked) or “E” (expired).
Note that an expired may have the type “V” because the type has
not been updated. ‘openssl ca updatedb’ does such an update.
- Expiration datetime.
- Revokation datetime. This is set for any entry of the type “R”.
- Serial number.
- File name of the certificate. This doesn’t seem to be used,
ever, so it’s always “unknown”.
- Certificate subject name.
Date and time format
yymmddHHMMSSZ (Z = Zulu = UTC)
Okay, i have in /var/ipfire/ovpn/certs/serial the entry 0E.
But what is the correct value?
Okay, i have solved it by adding the correct serial number in hex to this file
thank you for your help
oh, good grief, that should not be necessary. Is this reproducible?
If so, could you please file a bug so this won’t get lost and we can fix it?
Thanks, and best regards,