nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

set line width to 80

Browse Source
This commit is contained in:
Tara Planas 2017-10-09 15:53:27 -07:00
parent 308a6b77e6
commit 84d97084ba
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
README.quickstart.md
View File

@ -1,8 +1,9 @@
Easy-RSA 3 Quickstart README Easy-RSA 3 Quickstart README
============================ ============================
This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage and specific commands can be found by running `./easyrsa -h`. This is a quickstart guide to using Easy-RSA version 3. Detailed help on usage
Additional documentation can be found in the doc/ directory. and specific commands can be found by running ./easyrsa -h. Additional
documentation can be found in the doc/ directory.
If you're upgrading from the Easy-RSA 2.x series, there are Upgrade-Notes If you're upgrading from the Easy-RSA 2.x series, there are Upgrade-Notes
available, also under the doc/ path. available, also under the doc/ path.
@ -10,7 +11,8 @@ available, also under the doc/ path.
Setup and signing the first request Setup and signing the first request
----------------------------------- -----------------------------------
Here is a quick run-though of what needs to happen to start a new PKI and sign your first entity certificate: Here is a quick run-though of what needs to happen to start a new PKI and sign
your first entity certificate:
1. Choose a system to act as your CA and create a new PKI and CA: 1. Choose a system to act as your CA and create a new PKI and CA:
@ -18,8 +20,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y
./easyrsa build-ca ./easyrsa build-ca
2. On the system that is requesting a certificate, init its own PKI and generate 2. On the system that is requesting a certificate, init its own PKI and generate
a keypair/request. Note that `init-pki` is used _only_ when this is done on a keypair/request. Note that init-pki is used _only_ when this is done on a
a separate system (or at least a separate PKI dir.) This is the recommended separate system (or at least a separate PKI dir.) This is the recommended
procedure. If you are not using this recommended procedure, skip the next procedure. If you are not using this recommended procedure, skip the next
import-req step. import-req step.
@ -43,7 +45,8 @@ Here is a quick run-though of what needs to happen to start a new PKI and sign y
Signing subsequent requests Signing subsequent requests
--------------------------- ---------------------------
Follow steps 2-6 above to generate subsequent keypairs and have the CA return signed certificates. Follow steps 2-6 above to generate subsequent keypairs and have the CA return
signed certificates.
Revoking certs and creating CRLs Revoking certs and creating CRLs
-------------------------------- --------------------------------
@ -90,7 +93,6 @@ RSA and EC private keys can be re-encrypted so a new passphrase can be supplied
with one of the following commands depending on the key type: with one of the following commands depending on the key type:
./easyrsa set-rsa-pass EntityName ./easyrsa set-rsa-pass EntityName
./easyrsa set-ec-pass EntityName ./easyrsa set-ec-pass EntityName
Optionally, the passphrase can be removed completely with the 'nopass' flag. Optionally, the passphrase can be removed completely with the 'nopass' flag.