I am unable to create more than one client config in OpenVPN

June 24, 2016 448 views
VPN Debian

I'm up and running. I have created one client key and copied it to my phone. I am able to connect to the VPN using the "OpenVpn for Android" app. I do realize that each device that connects to the VPN will need a unique client profile. In the instructions, the client config uses the client1 naming convention, which I have also used. I attempted to create a new client config by running:
./build-key nex1
within the `/etc/openvpn/easy-rsa directory.
Unfortunately a new key is not generated. Instead this message is displayed:

Please edit the vars script to reflect your configuration,
  then source it with "source ./vars".
  Next, to start with a fresh PKI configuration and to delete any
  previous certificates and keys, run "./clean-all".
  Finally, you can run this tool (pkitool) to build certificates/keys.

The instructions state that all one needs to do is run ./build-key clientname for as many clients as one may need.

What am I missing?

Am I supposed to delete all the keys from the /etc/openvpn/easy-rsa/keys directory before creating a new client config?

If I did delete all these files, it seems like the server may not have a means to verify the client's key/cert. The article mentions that a mutual authentication needs to take place before a successful connection is made.

Be the first one to answer this question.