In the 3.0.0 release, Windows utilities were mistakenly omitted from the
package. The build utility has been updated to include these files, as
well as to convert the .md documentation files to html.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
The mv operation following the CRL creation isn't useful as there is no
temp file to move. Instead, create the temp file during CRL creation,
preventing a potential overwrite of a previous, valid, CRL.
Thanks go to matteo.guglielmi@epfl.ch for this patch (via email).
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Error msg:
Note: using Easy-RSA configuration from: ./vars
Using configuration from /Users/sskaje/Work/CA/Easy/openssl-1.0.cnf
Enter pass phrase for /Users/sskaje/Work/CA/Easy/pki/private/ca.key:
mv: /Users/sskaje/Work/CA/Easy/pki/crl.pem.tpH4U0wpn3: No such file or directory
An updated CRL has been created.
CRL file: /Users/sskaje/Work/CA/Easy/pki/crl.pem
* Update ChangeLog to reflect minor last-minute commits.
* Modify build-dist.sh to create both zip and tgz files
* Add notable changes to Upgrade-Notes
By default, field values are interpreted as ASCII but UTF-8 would be a
more reasonable default. Without the -utf8 flag, non-ASCII text gets
garbled without warning. ASCII text works fine either way.
When forming the OpenSSL config replacement text, gen_req() should not
alter the global variable as it is referred to again by sign_req() when
the wrapper-commands build-*-full are called.
This change localizes the replacement text to avoid competing over the
global variable.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Based-On: patch submitted by Joe Hu <i@sapika.ch>
Fixes: Issue #25
The command-line API for LibreSSL is currently identical to OpenSSL
1.0.1. This support is implemented in a case so any future version
distinctions can key off the features in the available implementation.
Such feature-specific support may become more important during the 3.1
development cycle where 0.9.x OpenSSL cannot handle newer features.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Fixes: #48
Adds the 'set-rsa-pass' and 'set-ec-pass' commands. Both are able to set
or remove a passphrase, and can optionally act on a direct file path
instead of a relative filename base name.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Upgrade-Notes includes v2 to v3 upgrade changes that users should be
aware of.
The updated top-level README helps point users to online support
locations.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
This initial packaging script creates a release-ready tarball for
Unix-alikes. Windows support will be added in a separate commit.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Updates include listing project dir layout, git conventions on
commits/merges/tags, and code spacing/indent recommendations.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
The prior warn/fallback to rsa didn't work, and fallback is probably the
wrong thing to do, especially for batch callers. It is now an error to
supply an invalid value.
No need to export the EASYRSA_ALGO_PARAMS either.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
The --batch CLI arg now takes no options and enables batch-mode when
present.
init-pki no longer takes a 'force' value which did the same as --batch.
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
This adds export support for PKCS#7 bundles, and adds the option to
export PKCS#12 without private keys
Author: Luiz Angelo Daros de Luca <luizluca@tre-sc.gov.br>
Signed-off-by: Josh Cepek <josh.cepek@usa.net>
