nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'update-advanced-global-env-vars' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-update-advanced-global-env-vars

Browse Source 
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2023-10-01 23:55:24 +01:00
commit b2dab1e868
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/EasyRSA-Advanced.md
View File

@ -89,7 +89,7 @@ Environmental Variables Reference
---------------------------------
A list of env-vars, any matching global option (CLI) to set/override it, and a
possible terse description is shown below:
short description is shown below:
* `EASYRSA` - should point to the Easy-RSA top-level dir, where the easyrsa
script is located.
@ -97,6 +97,7 @@ possible terse description is shown below:
* `EASYRSA_SSL_CONF` - the openssl config file to use
* `EASYRSA_PKI` (CLI: `--pki-dir`) - dir to use to hold all PKI-specific
files, defaults to `$PWD/pki`.
* `EASYRSA_VARS_FILE` (CLI: `--vars`) - Set the `vars` file to use
* `EASYRSA_DN` (CLI: `--dn-mode`) - set to the string `cn_only` or `org` to
alter the fields to include in the req DN
* `EASYRSA_REQ_COUNTRY` (CLI: `--req-c`) - set the DN country with org mode
@ -115,16 +116,14 @@ possible terse description is shown below:
* `EASYRSA_ALGO` (CLI: `--use-algo`) - set the crypto alg to use: rsa, ec or
ed
* `EASYRSA_CURVE` (CLI: `--curve`) - define the named EC curve to use
* `EASYRSA_EC_DIR` - dir to store generated ecparams
* `EASYRSA_CA_EXPIRE` (CLI: `--days`) - set the CA expiration time in days
* `EASYRSA_CERT_EXPIRE` (CLI: `--days`) - set the issued cert expiration time
in days
* `EASYRSA_CRL_DAYS` (CLI: `--days`) - set the CRL 'next publish' time in days
* `EASYRSA_NS_SUPPORT` (CLI: `--ns-cert`) - string 'yes' or 'no' fields to
include the deprecated Netscape extensions
include the **deprecated** Netscape extensions
* `EASYRSA_NS_COMMENT` (CLI: `--ns-comment`) - string comment to include when
using the deprecated Netscape extensions
* `EASYRSA_TEMP_FILE` - a temp file to use when dynamically creating req/cert
using the **deprecated** Netscape extensions
extensions
* `EASYRSA_REQ_CN` (CLI: `--req-cn`) - default CN, can only be used in BATCH
mode
@ -136,8 +135,9 @@ possible terse description is shown below:
password using any openssl password options like pass:1234 or env:var
* `EASYRSA_PASSOUT` (CLI: `--passout`) - allows to specify a source for
password using any openssl password options like pass:1234 or env:var
* `EASYRSA_NO_PASS` (CLI: `--nopass`) - disable use of passwords
* `EASYRSA_UMASK` - safe umask to use for file creation. Defaults to `077`
* `EASYRSA_NO_UMASK` - disable safe umask. Files will be created using the
system's default
**NOTE:** the global options need to be provided before the actual commands.
* `EASYRSA_TEMP_DIR` (CLI: `--tmp-dir`) - a temp directory to use for temporary files
**NOTE:** the global options must be provided before the commands.