TinCanTech
TinCanTech
### For the record: - Version `3.1.x` of Easy-RSA `rewind-renew` moves a certificate (etc) from the `renewed/certs_by_serial` folder to the `renewed/issued` folder and names it back to its `commonName`. This...
The solution is to back-port version `3.1` `renew`, `revoke-renewed` and `rewind-renew` to version `3.0`. That would also include the `*_move_*()` and **undo** `*_move_*()` capabilities .. I do not know what...
I think this links directly to #499 and #348 This `--root=DIR` idea is one approach. I would prefer to see `easyrsa` running correctly, regardless of where the script is located.
> I don't get this hole discussion about where to store/find the different files. Until now, there has been no discussion nor development on this subject. This has lead to...
As of https://github.com/OpenVPN/easy-rsa/commit/ec6d072707d4378f0b6343d47333e74e78de12fc you should be able to achieve this without `--root`. To do so use either method below. 1. Install `easyrsa` to your PATH. eg. `/usr/local/sbin` 2. Install `openssl-easyrsa.cnf`...
After more careful review, I think the `--root` (or possibly another name) idea, is a good approach. It also clarifies _exactly_ what `$EASYRSA` is meant to be.
I have changed my mind. Simply use `--pki-dir=` Which, once again, leaves `$EASYRSA` in _Limbo_ ..
If anybody is genuinely interested in this idea then drop a comment here. Closed as resolved.
Submissions to the alternative folder could take this form: * `x509-types/server` ``` + # Mandated by RFC: .. (Or n/a) + # Recommended by RFC: .. + # Details: .....
Merged in `testing` branch available: https://github.com/OpenVPN/easy-rsa/tree/testing