-
-
Notifications
You must be signed in to change notification settings - Fork 21
Introduction
TinCanTech edited this page Jan 9, 2022
·
3 revisions
Easy-TLS script does not require root
access to your system.
-
easytls
- For building your TLS environment.
Easy-TLS Server-side verification scripts require the same access to your system as your Openvpn Server:
-
easytls-cryptv2-verify.sh
- TLS-Crypt-V2 key verification and access tool. -
easytls-client-connect.sh
- Hardware-address verification and access and connection tracking tool. -
easytls-client-disconnect.sh
- Connection tracking tool.
Easy-TLS is intended to:
- Generate OpenVPN specific TLS keys
- Generate OpenVPN specific
.inline
files, which include:- OpenVPN specific TLS keys and required settings
- Easy-RSA generated x509 Public Key Infra-structure
- Marshal requirements to maintain valid
.inline
status
- Openvpn 2.5
- Easy-RSA 3.0.7
Supports all "popular" OS:
- Minimum requirement: All code must be compatible with EasyRSA3 for Windows.
- Download:
easytls
to youreasyrsa3
working directory.
- Windows users must start Easy-RSA using
EasyRSA-Start.bat
to start the shell
and then use./easytls
in the same way you would use./easyrsa
.
Also download the following scripts:
- https://github.com/TinCanTech/easy-tls/blob/master/EasyTLS-Howto-ii.md
- https://github.com/TinCanTech/easy-tls/wiki
-
Start like this:
./easytls init-tls
./easytls build
./easytls inline
./easytls remove
./easytls scripts
./easytls help
./easytls help <command>
- Show specific help for<command>
./easytls help options
- Show options help
./easytls help abb
- Show abbreviations
./easytls help config
- Show configuration elements -
For No-CA mode (a.k.a. Peer-fingerprint / selfsigned mode):
./easytls init-tls no-ca
./easytls selfsign