TinCanTech

Perhaps: - `--base64` global option. - `export-p?` command option `base64`

Linking #1081

The root cause of this problem: No `x509-types/*` files are expanded for use by LibreSSL. The `x509-types` template in use is not fed to SSL via `-config`, it is fed...

This is no longer valid because it is not the unexpanded variables in "safe SSL config" at fault. Follow-ups: #767

Last comment. A kdc certificate, spot the implementation mistakes: ``` Certificate: Data: Version: 3 (0x2) Serial Number: 78:a2:e4:bf:38:11:56:b7:af:2a:20:74:fd:6a:89:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: C=00, ST=home, L=wiscii, O=tct, OU=tct @ $&$, CN=Easy-RSA...

@xinthose if you can outline the problem then this issue can be reopened.

I think this is another part related to: #576 Overall, I think `EASYRSA_EXTRA_EXTS` should be configured separately to a SAN. If done separately then may be the `grep | sed...

Example EASYRSA_EXTRA_EXTS="nsCertType = sslCA" easyrsa --nopass --verbose --san=DNS:a.eg.org build-ca LGTM. @dekeonus if the example works for you then please close this issue.

@c-git Thank you for this correction.

The essential use for Easy-TLS is to create TLS-Crypt-V2 Server and Client keys. Then build inline files with matching X509 details to OpenVPN TLS-Crypt-V2 key details. The command to try...