From 308a6b77e6ff71095499ff850a1b01482c27c068 Mon Sep 17 00:00:00 2001 From: Tara Planas Date: Thu, 13 Apr 2017 15:23:34 -0700 Subject: [PATCH 1/2] Update doc fluency --- README.quickstart.md | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/README.quickstart.md b/README.quickstart.md index 8fb0a2e..0f7b151 100644 --- a/README.quickstart.md +++ b/README.quickstart.md @@ -1,18 +1,16 @@ Easy-RSA 3 Quickstart README ============================ -This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage -and specific commands by running easyrsa with the 'help' command. Additional -documentation can be found in the doc/ directory. +This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage and specific commands can be found by running `./easyrsa -h`. +Additional documentation can be found in the doc/ directory. -If you're upgrading from the Easy-RSA 2.x series there are Upgrade-Notes +If you're upgrading from the Easy-RSA 2.x series, there are Upgrade-Notes available, also under the doc/ path. Setup and signing the first request ----------------------------------- -A quick run-though of what needs to happen to start a new PKI and sign your -first entity certificate. +Here is a quick run-though of what needs to happen to start a new PKI and sign your first entity certificate: 1. Choose a system to act as your CA and create a new PKI and CA: @@ -20,10 +18,10 @@ first entity certificate. ./easyrsa build-ca 2. On the system that is requesting a certificate, init its own PKI and generate - a keypair/request. Note that the init-pki is used _only_ when this is done on + a keypair/request. Note that `init-pki` is used _only_ when this is done on a separate system (or at least a separate PKI dir.) This is the recommended procedure. If you are not using this recommended procedure, skip the next - import-req step as well. + import-req step. ./easyrsa init-pki ./easyrsa gen-req EntityName @@ -40,13 +38,12 @@ first entity certificate. 5. Transport the newly signed certificate to the requesting entity. This entity may also need the CA cert (ca.crt) unless it had a prior copy. -6. The entity now has its own keypair, and signed cert, and the CA. +6. The entity now has its own keypair, signed cert, and the CA. Signing subsequent requests --------------------------- -Follow steps 2-6 above to generate subsequent keypairs and have the CA returned -signed certificates. +Follow steps 2-6 above to generate subsequent keypairs and have the CA return signed certificates. Revoking certs and creating CRLs -------------------------------- From 84d97084baf4ef471f02875b20794b448a4f8cb2 Mon Sep 17 00:00:00 2001 From: Tara Planas Date: Mon, 9 Oct 2017 15:53:27 -0700 Subject: [PATCH 2/2] set line width to 80 --- README.quickstart.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/README.quickstart.md b/README.quickstart.md index 0f7b151..15c8182 100644 --- a/README.quickstart.md +++ b/README.quickstart.md @@ -1,8 +1,9 @@ Easy-RSA 3 Quickstart README ============================ -This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage and specific commands can be found by running `./easyrsa -h`. -Additional documentation can be found in the doc/ directory. +This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage +and specific commands can be found by running ./easyrsa -h. Additional +documentation can be found in the doc/ directory. If you're upgrading from the Easy-RSA 2.x series, there are Upgrade-Notes available, also under the doc/ path. @@ -10,7 +11,8 @@ available, also under the doc/ path. Setup and signing the first request ----------------------------------- -Here is a quick run-though of what needs to happen to start a new PKI and sign your first entity certificate: +Here is a quick run-though of what needs to happen to start a new PKI and sign +your first entity certificate: 1. Choose a system to act as your CA and create a new PKI and CA: @@ -18,8 +20,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y ./easyrsa build-ca 2. On the system that is requesting a certificate, init its own PKI and generate - a keypair/request. Note that `init-pki` is used _only_ when this is done on - a separate system (or at least a separate PKI dir.) This is the recommended + a keypair/request. Note that init-pki is used _only_ when this is done on a + separate system (or at least a separate PKI dir.) This is the recommended procedure. If you are not using this recommended procedure, skip the next import-req step. @@ -43,7 +45,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y Signing subsequent requests --------------------------- -Follow steps 2-6 above to generate subsequent keypairs and have the CA return signed certificates. +Follow steps 2-6 above to generate subsequent keypairs and have the CA return +signed certificates. Revoking certs and creating CRLs -------------------------------- @@ -90,7 +93,6 @@ RSA and EC private keys can be re-encrypted so a new passphrase can be supplied with one of the following commands depending on the key type: ./easyrsa set-rsa-pass EntityName - ./easyrsa set-ec-pass EntityName Optionally, the passphrase can be removed completely with the 'nopass' flag.