Error while creating a VPN server

[josep.spam@…]

After entering a name for the VPN server, and clicking on the Add button, I get the error:

Sorry, an unexpected error has ocurred
Can't use an undefined value as a HASH reference

Trace
Can't use an undefined value as a HASH reference at /usr/share/perl5/EBox/OpenVPN/Model/Servers.pm line 383.

This is a fresh install of Ubuntu Server 10.04.1 LTS in a Virtualbox machine. All software is up-to-date, be it on the host or on the guest. HTTPS port for Zentyal is 8443. After hitting this error for the first time I tried removing the module and then reinstalling it. I did it 2-3 times from the administration page as well as from a SSH prompt, with aptitude.

[jacalvo@…]

closing as duplicate of #2431

[anonymous]

Replying to jacalvo@ebox-platform.com:

closing as duplicate of #2431

Ticket #2431 shouldn't be closed because it's not a duplicate of #2431.

[josep.spam@…]

On a different installation (again, a clean installation from Zentyal ISOs), the VPN device is created, but I get the same error as above. When I restart the service in the Dashboard I get the following page:

No CA certificate

To show technical details click here.

Trace
No CA certificate at /usr/share/perl5/EBox/OpenVPN/Server.pm line 171
EBox::OpenVPN::Server::caCertificatePath('EBox::OpenVPN::Server=HASH(0x7f796fa0bf18)') called at /usr/share/perl5/EBox/OpenVPN/Server.pm line 378
EBox::OpenVPN::Server::confFileParams('EBox::OpenVPN::Server=HASH(0x7f796fa0bf18)', 'confDir', '/etc/openvpn') called at /usr/share/perl5/EBox/OpenVPN/Daemon.pm line 338
EBox::OpenVPN::Daemon::writeConfFile('EBox::OpenVPN::Server=HASH(0x7f796fa0bf18)', '/etc/openvpn') called at /usr/share/perl5/EBox/OpenVPN.pm line 253
EBox::OpenVPN::_writeConfFiles('EBox::OpenVPN=HASH(0x7f796f4d6098)') called at /usr/share/perl5/EBox/OpenVPN.pm line 127
EBox::OpenVPN::_enforceServiceState('EBox::OpenVPN=HASH(0x7f796f4d6098)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 682
EBox::Module::Service::_regenConfig('EBox::OpenVPN=HASH(0x7f796f4d6098)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 707
EBox::Module::Service::restartService('EBox::OpenVPN=HASH(0x7f796f4d6098)') called at /usr/share/perl5/EBox/CGI/EBox/RestartService.pm line 51
EBox::CGI::EBox::RestartService::_process('EBox::CGI::EBox::RestartService=HASH(0x7f796e7c96d8)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::EBox::RestartService=HASH(0x7f796e7c96d8)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'EBox/RestartService', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x7f796e703680)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x7f796e703800)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x7f796e703800)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x7f796e703680)') called at -e line 0
eval {...} called at -e line 0

I do have, actually, a CA.

[ovevogel]

Hi!

I got the same problem but as the server was created anyway I didn't bother but I later got "No CA certificate" errors when I tried to download client bundle or tried to download certificate files. It seems the problem actually was introduced when I created the Certificate Authoroty even though the CA-creation procedure went fine.

I created an organisation wich included the word Förening and the special Swedish character ö in the name seems to be the big nono. Other certificates issued with this CA then didn't have "O=Hejhopp Förening" in the request/key/certificate but instead had "O=Hejhopp F\xF6rening".

So after trying a lot of tricks i did this.

# cd /var/lib/ebox
# mv CA CA-old

And when I finally created a new CA without the special characters in the organisation name everything works fine, so far :-).

[josep.spam@…]

My organization name did not contain any special characters. Although, the city name contained a "ç". Could it be a case of special characters? (year 2010 and we still need to waste time because of non-UTF8 codes!!!). To test your point, I have run "sudo aptitude purge ebox-ca" and reinstalled back the Certificate and the OpenVPN Modules from the frontend. Then I configured everything, creating a VPN Server (this time only ASCII characters in all fields) and a client's certificate. Everything went fine. So I guess that you are right and the package is not dealing properly with the characters.

Replying to ovevogel:

Hi!

I got the same problem but as the server was created anyway I didn't bother but I later got "No CA certificate" errors when I tried to download client bundle or tried to download certificate files. It seems the problem actually was introduced when I created the Certificate Authoroty even though the CA-creation procedure went fine.

I created an organisation wich included the word Förening and the special Swedish character ö in the name seems to be the big nono. Other certificates issued with this CA then didn't have "O=Hejhopp Förening" in the request/key/certificate but instead had "O=Hejhopp F\xF6rening".

So after trying a lot of tricks i did this.

# cd /var/lib/ebox
# mv CA CA-old

And when I finally created a new CA without the special characters in the organisation name everything works fine, so far :-).

[jsoriano@…]

(In [19393]) NN: Handle spaces in server names, fixes #2252,#2329,#2381,#2416,#2431

[jsoriano@…]

(In [19542]) NN: VPN servers cannot be managed without a valid CA certificate, refs #2431, #2531

[jsoriano@…]

(In [19565]) NN: VPN servers are correctly disabled when their certificates are expired or revoked, fixes #2531, refs #2431