Okay, here are the steps.
-
Run the command
cp /var/ipfire/ovpn/openssl/ovpn.cnf /var/ipfire/ovpn/openssl/ovpn.cnf.orig. This creates a backup copy. -
Run the command
chown nobody:nobody /var/ipfire/ovpn/openssl/ovpn.cnf.orig. This changes the owner from root to nobody, in case you need to use this backup file. -
Run the command
nano -l /var/ipfire/ovpn/openssl/ovpn.cnf. This will open the nano editor with line numbers shown. Remove the lines 88 & 87 and exit from editor saving the changes.
These lines should have the contents
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
-
Run the Generate root/host certificates command on the OpenVPN WUI page. It should work successfully now.
-
If the changes work then you can delete the ovpn.cnf.orig file.