Due to my previous misunderstanding of the intended use of --req-cn,
it is no longer possible to set commonName for command gen-req.
Ref: #524#456
This commit restores v30x series behavior:
* --req-cn can only be used in batch mode.
* --req-cn can only be used by commands build-ca and gen-req.
* SSL layer prompts are restored to original behavior.
Important: The use of internal batch mode is no longer required
for command sign_req(), when called by build_full(). This code
has been disabled but remains in place. This is a considerable
change under the hood but there is no user observable difference.
Also, minor improvements to help and EasyRSA-Advanced.md
Tested manually and thoroughly.
Closes: #668
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit 37232a8a6677dcdd5be4b4f9d3f1c8241e214a49
Merge: bee93cf a3c9f0b
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Fri Aug 5 18:05:56 2022 +0100
Merge branch 'doc-add-ed' of ssh://github.com/mnme/easy-rsa into mnme-doc-add-ed
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit a3c9f0bb5b79fa9fffaaf65b109069035138788b
Author: Nicolas Jeker <n.jeker@gmx.net>
Date: Thu Aug 20 11:31:32 2020 +0200
doc: Add 'ed' option to EASYRSA_ALGO
Related to #488
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
github.com/ccin2p3/easy-rsa into ccin2p3-feature/custom-umask
Fix typo: 'defúlts' -> 'default'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This clarifies the use of the file as specific to EasyRSA while also
closing the loop on the openssl version chase. No reason to have a
configuration file that is specific to openssl version at this point.
If the need arises, we'll do so in a sane fashion.
Resolves#159
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
The --batch CLI arg now takes no options and enables batch-mode when
present.
init-pki no longer takes a 'force' value which did the same as --batch.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Add documentation & help output; add quoting; add error messages; put
the ecparams dir under PKI dir with env-var tunable.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
