# Undefined variable openvpn



## thegolum35 (Jan 9, 2013)

Hi, 

I have an issue generating openvpn keys. Here is vars file:

```
# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.

# This variable should point to
# the top level of the easy-rsa
# tree.
setenv EASY_RSA `pwd`

#
# This variable should point to
# the requested executables
#
setenv OPENSSL openssl
setenv PKCS11TOOL pkcs11-tool
setenv GREP grep


# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
setenv KEY_CONFIG `$EASY_RSA/whichopensslcnf $EASY_RSA`

# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!

setenv KEY_DIR $EASY_RSA/keys

# Issue rm -rf warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR

# PKCS11 fixes
setenv PKCS11_MODULE_PATH dummy
setenv PKCS11_PIN dummy

# Increase this to 2048 if you
# are paranoid.  This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
setenv KEY_SIZE 4096

# In how many days should the root CA key expire?
setenv CA_EXPIRE 3650

# In how many days should certificates expire?
setenv KEY_EXPIRE 3650

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
setenv KEY_COUNTRY FR
setenv KEY_PROVINCE FR
setenv KEY_CITY Noyal
setenv KEY_ORG Moi
setenv KEY_EMAIL [email]antonintessier@live.fr[/email]
setenv KEY_EMAIL [email]mail@host.domain[/email]
setenv KEY_CN changeme
setenv KEY_NAME changeme
setenv KEY_OU changeme
setenv PKCS11_MODULE_PATH changeme
setenv PKCS11_PIN 1234
```

The problem is that 
	
	



```
csh .clean-all
```
 says 





> KEY_DIR: Undefined variable



Thank you.


----------



## SirDice (Jan 9, 2013)

I would suggest doing your scripting with /bin/sh instead.


----------



## thegolum35 (Jan 9, 2013)

I tried but I get an 
	
	



```
vars: setenv: not found
```
 error.


----------



## SirDice (Jan 9, 2013)

Yes, setenv is a csh built-in. Scripting should really be done with Bourne shell (or similar). Csh is a nice shell for interactive use but scripting with it requires severe masochistic tendencies. 

Bourne Shell Tutorial


----------



## wblock@ (Jan 9, 2013)

In sh(1), variables are assigned with =:

```
EASY_RSA=`pwd`
```

There is also security/ssl-admin.  It does the things the RSA scripts do, but from a menu.  It does use different terminology, and my project to document usage has been on hold while I try to figure it out.


----------



## thegolum35 (Jan 9, 2013)

I think I am gonna try that tool. Thank you.

Gollum


----------



## wblock@ (Jan 10, 2013)

New thread started: http://forums.freebsd.org/showthread.php?t=36917.


----------

