1

When I try to perform this command:

sudo openvpn --show-pkcs11-ids /usr/lib/libeTPkcs11.so

I get error:

Options error: Unrecognized option or missing parameter(s) in [CMD-LINE]:1: show-pkcs11-ids (2.3.2)
Use --help for more information.

This shows nothing:

openvpn --help | grep show-pkcs11-ids

which openvpn

/usr/local/sbin/openvpn

openvpn --version

OpenVPN 2.3.2 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Jun  5 2016
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_crypto=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_eurephia=yes enable_fast_install=yes enable_fragment=yes enable_http_proxy=yes enable_iproute2=no enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_win32_dll=yes enable_x509_alt_username=no with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='$(libdir)/openvpn/plugins' with_sysroot=no

I'm on Ubuntu 14.04 x64 and I build openvpn as:

sudo apt-get install libpkcs11-helper1-dev
sudo apt-get build-dep openvpn
apt-get source openvpn
cd openvpn-2*
sudo ./configure
sudo make && sudo make install

So what is the problem?

My second try was to install it via apt-get install

I do sudo make uninstall and it seems something went wrong:

openvpn
bash: /usr/local/sbin/openvpn: No such file or directory

sudo apt-get install openvpn not helped output is the same

openvpn
bash: /usr/local/sbin/openvpn: No such file or directory

It seems openvpn command linked to old binary, how to fix it?

After I reboot my computer it seems work:

which openvpn
/usr/sbin/openvpn

But still have an error:

sudo openvpn --show-pkcs11-ids /usr/lib/libeTPkcs11.so
Sun Jun  5 02:16:24 2016 PKCS#11: Cannot add provider '/usr/lib/libeTPkcs11.so' 6-'CKR_FUNCTION_FAILED'
Sun Jun  5 02:16:24 2016 Exiting due to fatal error

BTW I can do something similar to first command via pkcs11-tool --module /usr/lib64/libeTPkcs11.so -L.

mrgloom
  • 357
  • 1
  • 4
  • 12
  • In your own build, PKCS11 is not enabled. Take a look at `configure --help`. Also, don’t build as root. It’s bad practice. Only `make install` needs those permissions. – Daniel B Jun 05 '16 at 10:51

1 Answers1

2

You should tell configure that you want to enable pkcs11:

./configure --enable-pkcs11

Also, you shouldn't run ./configure and make with sudo. Only make install needs sudo.

Steffan Karger
  • 651
  • 5
  • 6