This doesn't really address the EasyRSA tool questions - but I was always fairly frustrated with the use of EasyRSA. I wrote some scripts to use GNUTLS to generate certs/keys. (I'm usually on a Windows platform, so I use the Windows GNUTLS port.)
I can generate a hundred certs/keys in just a few minutes and can do most anything I've found I need for OpenVPN, FreeeRadius certs, etc. You might consider that. On Mon, Mar 6, 2023 at 6:08 AM Bo Berglund <bo.bergl...@gmail.com> wrote: > On Mon, 06 Mar 2023 12:55:05 +0100, Bo Berglund <bo.bergl...@gmail.com> > wrote: > > >And I guess now $KEY_DIR needs to be changed to a set of different dirs > >depending on the type of file being worked on... > > I ran some manual tests on the converted easyrsa3 dir and it seems like > one is > not given the ability to enter client specific data in the process of > building > the client files... > > Specifically this is displayed on screen but with no way to edit it before > building the files (email obfuscated): > > countryName :PRINTABLE:'SE' > stateOrProvinceName :ASN.1 12:'Stockholm' > localityName :ASN.1 12:'Stockholm' > organizationName :ASN.1 12:'Private' > organizationalUnitName:ASN.1 12:'Dev' > commonName :ASN.1 12:'TestClient3' > emailAddress :IA5STRING:'n...@server.com' > > Shouldn't each client be identified with his own email in the cert and > other > files? > > Changing the vars file for each new client is not really a good option > either. > > In easyrsa2 those items were defaults that had to be accepted or edited in > the > process when running the build. Not so anymore? > > Is this because these fields might have been deprecated? > > > -- > Bo Berglund > Developer in Sweden > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users >
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
