Move creating 'inline' folder from 'build-ca' to 'init-pki'

This allows a client that has not built a CA to use 'inline'. The CA and signed client certificate can be sent to the client, allowing the client to create a complete X509 based inline file, without creating a redundant CA. Also, add 'inline' command to the list of commands which do not require a CA. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-08-05 15:58:56 +01:00 · 2023-08-05 15:58:56 +01:00 · b637e9b695
commit b637e9b695
parent 98e9f43be6
1 changed files with 3 additions and 3 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -1335,7 +1335,7 @@ and initialize a fresh PKI here."
 	fi

 	# new dirs:
-	for i in private reqs; do
+	for i in private reqs inline; do
 		mkdir -p "$EASYRSA_PKI/$i" || \
 			die "\
 Failed to create PKI file structure (permissions?)"
@ -1656,7 +1656,7 @@ current CA. To start a new CA, run init-pki first."
 	# create necessary dirs:
 	err_msg="\
 Unable to create necessary PKI files (permissions?)"
-	for i in issued inline certs_by_serial \
+	for i in issued certs_by_serial \
 		revoked/certs_by_serial revoked/private_by_serial \
 		revoked/reqs_by_serial
 	do
@ -7204,7 +7204,7 @@ case "$cmd" in
 		require_pki=1
 		case "$cmd" in
 			gen-req|gen-dh|build-ca|show-req| \
-			make-safe-ssl|export-p*)
+			make-safe-ssl|export-p*|inline)
 				unset -v require_ca
 			;;
 			*)