easy-rsa icon indicating copy to clipboard operation
easy-rsa copied to clipboard

Published 20 hours ago verified publisher icon OpenVPN

Documentation: `doc/EasyRSA-Passphrase-Automation.md`

Open TinCanTech opened this issue 2 years ago • 3 comments

Passphrases and automation .. it is a conundrum.

However, it would be useful if EasyRSA had some documentation on how it is done here ..

Options: --passin=something and --passout=something.

FTR: https://www.openssl.org/docs/man3.0/man1/openssl-passphrase-options.html

TinCanTech avatar Jan 04 '23 01:01 TinCanTech

TLDR;

Global options: --passin, --passout

Build CA: Both options MUST be set to the same passphrase.

easyrsa --passin=pass:EASYRSA --passout=pass:EASYRSA build-ca

Build-*-full: Gets more interesting ..

TinCanTech avatar Jan 04 '23 01:01 TinCanTech

With build-*-full, --passin is the CA passphrase, while --passout is the new key passphrase.

TinCanTech avatar Jan 04 '23 17:01 TinCanTech

With set-pass, --passin is the current key passphrase, while --passout is the new key passphrase.

TinCanTech avatar Jan 04 '23 17:01 TinCanTech