
CLIENT name should have a max Char length check #1306

@rbnhd


Problem:

If we enter a client name longer than 64 bytes, the script succeeds but the generated .ovpn file is invalid.

How to reproduce:

  • Install OpenVPN server following this script: https://github.com/angristan/openvpn-install/ (OS: Amazon Linux 2023)
  • Then attempt to create a client.
    $ ./openvpn-install.sh
  • Choose "Add a client". It prompts for a client name.
  • Enter a client name longer than 64 bytes, e.g. reallylongFname_MiddleName_reallylongLastname_mylinuxhost-10_0_0_250_001_20250709_185345.
    • (I use headless user addition btw; the script runs automatically and at first I was confused about why my users were getting invalid .ovpn files)
  • The script will succeed. The .ovpn file will be generated without any error.
  • BUT, if you cat the .ovpn file, you will notice that it's an invalid file which can't be imported into the OpenVPN client app.

Easy-RSA/OpenSSL silently truncates or rejects Common Names longer than ≈64 bytes – the generated client certificate fails, leaving the .ovpn with empty <cert>/<key> sections.

Proposal:

  • Add a char length check of MAX_CN 64
  • Or a friendly help text.
  • The script should fail if CLIENT > 64 Char
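
The length check proposed above, together with a check for the empty <cert>/<key> symptom, as an added example that is not part of the issue or of openvpn-install.sh. The function names are hypothetical, and the 64-byte limit is taken from the issue's MAX_CN proposal.

```sh
#!/bin/sh
# Added example; function names are hypothetical, not from openvpn-install.sh.
MAX_CN=64   # limit named in the issue's proposal

# Succeeds only if the name is 1..MAX_CN bytes long. wc -c counts bytes, so a
# multi-byte UTF-8 name is measured in bytes, the unit the issue reports.
client_name_ok() {
	name_bytes=$(( $(printf '%s' "$1" | wc -c) ))
	[ "$name_bytes" -ge 1 ] && [ "$name_bytes" -le "$MAX_CN" ]
}

# Succeeds only if the inline <tag>...</tag> block of profile $1 holds a PEM header.
ovpn_section_ok() {
	awk -v tag="$2" '
		$0 == ("<" tag ">")  { inside = 1; next }
		$0 == ("</" tag ">") { inside = 0 }
		inside && /^-----BEGIN / { found = 1 }
		END { exit(found ? 0 : 1) }
	' "$1"
}

# Post-generation check: catches the empty <cert>/<key> profile the issue describes,
# so a headless run fails loudly instead of handing out an unusable file.
ovpn_profile_ok() {
	ovpn_section_ok "$1" cert && ovpn_section_ok "$1" key
}

# Constructed demo: the over-long name from the issue is refused up front.
LONG_NAME=reallylongFname_MiddleName_reallylongLastname_mylinuxhost-10_0_0_250_001_20250709_185345
if ! client_name_ok "$LONG_NAME"; then
	echo "CLIENT must be 1 to $MAX_CN bytes; refusing to call Easy-RSA"
fi
```

In a headless run, both checks would be treated as fatal: the first before the certificate is requested, the second before the .ovpn file is handed to a user.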
