nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

set line width to 80

Browse Source
This commit is contained in:
Tara Planas 2017-10-09 15:53:27 -07:00
parent 308a6b77e6
commit 84d97084ba
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
README.quickstart.md
View File

@ -1,8 +1,9 @@
Easy-RSA 3 Quickstart README
============================
This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage and specific commands can be found by running `./easyrsa -h`.
Additional documentation can be found in the doc/ directory.
This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage
and specific commands can be found by running ./easyrsa -h. Additional
documentation can be found in the doc/ directory.
If you're upgrading from the Easy-RSA 2.x series, there are Upgrade-Notes
available, also under the doc/ path.
@ -10,7 +11,8 @@ available, also under the doc/ path.
Setup and signing the first request
-----------------------------------
Here is a quick run-though of what needs to happen to start a new PKI and sign your first entity certificate:
Here is a quick run-though of what needs to happen to start a new PKI and sign
your first entity certificate:
1. Choose a system to act as your CA and create a new PKI and CA:
@ -18,8 +20,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y
./easyrsa build-ca
2. On the system that is requesting a certificate, init its own PKI and generate
a keypair/request. Note that `init-pki` is used _only_ when this is done on
a separate system (or at least a separate PKI dir.) This is the recommended
a keypair/request. Note that init-pki is used _only_ when this is done on a
separate system (or at least a separate PKI dir.) This is the recommended
procedure. If you are not using this recommended procedure, skip the next
import-req step.
@ -43,7 +45,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y
Signing subsequent requests
---------------------------
Follow steps 2-6 above to generate subsequent keypairs and have the CA return signed certificates.
Follow steps 2-6 above to generate subsequent keypairs and have the CA return
signed certificates.
Revoking certs and creating CRLs
--------------------------------
@ -90,7 +93,6 @@ RSA and EC private keys can be re-encrypted so a new passphrase can be supplied
with one of the following commands depending on the key type:
./easyrsa set-rsa-pass EntityName
./easyrsa set-ec-pass EntityName
Optionally, the passphrase can be removed completely with the 'nopass' flag.