From b637e9b695d64f9b68f41dcc46f37da771f80a0f Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Sat, 5 Aug 2023 15:58:56 +0100
Subject: [PATCH] Move creating 'inline' folder from 'build-ca' to 'init-pki'

This allows a client that has not built a CA to use 'inline'.

The CA and signed client certificate can be sent to the client,
allowing the client to create a complete X509 based inline file,
without creating a redundant CA.

Also, add 'inline' command to the list of commands which do not
require a CA.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 5156614..4f57a8e 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -1335,7 +1335,7 @@ and initialize a fresh PKI here."
 	fi
 
 	# new dirs:
-	for i in private reqs; do
+	for i in private reqs inline; do
 		mkdir -p "$EASYRSA_PKI/$i" || \
 			die "\
 Failed to create PKI file structure (permissions?)"
@@ -1656,7 +1656,7 @@ current CA. To start a new CA, run init-pki first."
 	# create necessary dirs:
 	err_msg="\
 Unable to create necessary PKI files (permissions?)"
-	for i in issued inline certs_by_serial \
+	for i in issued certs_by_serial \
 		revoked/certs_by_serial revoked/private_by_serial \
 		revoked/reqs_by_serial
 	do
@@ -7204,7 +7204,7 @@ case "$cmd" in
 		require_pki=1
 		case "$cmd" in
 			gen-req|gen-dh|build-ca|show-req| \
-			make-safe-ssl|export-p*)
+			make-safe-ssl|export-p*|inline)
 				unset -v require_ca
 			;;
 			*)