easy-rsa
easy-rsa copied to clipboard
OpenVPN
easy-rsa - Simple shell based CA utility
I use the OpenVPN Community Edition under Windows, since some versions Easy-RSA 3 including the MirBSD Korn Shell is included. Unfortunately, I can not get this to work, a search...
'shift 2' was moved above the parameter check in previous commit: 1d227736e404b805e84b8949aa238a240c4ad5eb Move it back to after the check and reword user output for clarity. Relates-to: #632 Signed-off-by: Richard T...
If verify_ca_init fails then the error message states that: 'serial is missing'. While this is true, it is not 'user friendly'. Reorder the checks so that if verify_ca_init fails then...
With the unique_subject set to no, it is possible to add unlimited certs for a CN. EasyRSA only maintains all info for the last issued cert for a CN. Earlier...
When testing PKI database on correctness, a couple of script errors occurred. It has to do with missing mandatory file_name_base and missing CRL. Solution would be: - Check mandatory parameter....
Discovery: https://github.com/OpenVPN/easy-rsa/issues/626#issuecomment-1208478100 While the invalid entries in `index.txt` caused an `illegal number` error, valid entries do not ?
This should be documented more clearly. See: https://github.com/OpenVPN/easy-rsa/issues/607#issuecomment-1208287489
For **true** certificate _renewal_ the original key MUST be used. I intend to **remake** Easy-RSA **_`renew`_**, as it _should have been done in the first place_. **`renew` sucks .. don't...
It would be convenient to have a function to bundle the certificate chain into a single file for easier deployment for software expecting a pem bundle (and less likely a...
Certificates signed with easy-rsa should not output text form, as in many other PKI systems (e.g. Let's Encrypt). That is, only binary representation (that including `BEGIN CERTIFICATE` - `END CERTIFICATE`)...
