openssl TXT_DB error number 2 failed to update database

安装openvpn，生产客户端密钥文件时报错

[[email protected] 2.0]# ./build-key client1

Generating a 1024 bit RSA private key

...........................++++++

...........++++++

writing new private key to 'client1.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [EN]:

State or Province Name (full name) [CA]:

Locality Name (eg, city) [NJ]:

Organization Name (eg, company) [Fort-Funston]:

Organizational Unit Name (eg, section) [changeme]:

Common Name (eg, your name or your server's hostname) [client1]:

Name [changeme]:

Email Address [[email protected]]:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

Using configuration from /etc/openvpn/easy-rsa/easy-rsa/2.0/openssl-1.0.0.cnf

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName           :PRINTABLE:'EN'

stateOrProvinceName   :PRINTABLE:'CA'

localityName          :PRINTABLE:'NJ'

organizationName      :PRINTABLE:'Fort-Funston'

organizationalUnitName:PRINTABLE:'changeme'

commonName            :client

name                  :PRINTABLE:'changeme'

emailAddress          :IA5STRING:'[email protected]'

Certificate is to be certified until Aug  1 09:50:21 2024 GMT (3650 days)

Sign the certificate? [y/n]:y

openssl TXT_DB error number 2 failed to update database 

原因是commonName   跟前面生成ca文件和server 密钥commonname相同导致，可以换一个commonname就可以了。