Quick Start Full No CA mode

TinCanTech edited this page Dec 13, 2021 · 1 revision

This page describes how to use Easy-TLS to build complete Server and Client Inline files using No-CA mode.

Note:

  • It is recommended, although not essential, that you carry out the following procedure on your OpenVPN Server.
    Otherwise, you will have to transfer these files to your server in order to use them.
    However, if you run your OpenVPN Server on a router, you can run this on any other machine instead,
    including Linux or Windows, and upload the files to your router when you are finished.

Download and install

  1. Download and install Easy-TLS

Use Easy-TLS in Full No-CA mode

  1. Initialise Easy-TLS in No-CA mode: ./easytls init no-ca

Create all your required self-signed certificates and keys

  1. Create your self-signed Server X509 certificate: ./easytls sss server
    Instead of server use your own name.
  2. Create your self-signed Client X509 certificate: ./easytls ssc alice
    Instead of alice use your client name.
  3. Create your self-signed Client X509 certificate: ./easytls ssc bob
    Instead of bob use your client name.
  4. Create all of your client certificates and keys.

Create your preferred TLS keys and inline files

TLS-Auth:

https://github.com/TinCanTech/easy-tls/wiki/build-and-inline-tls-auth

TLS-Crypt:

https://github.com/TinCanTech/easy-tls/wiki/build-and-inline-tls-crypt

TLS-Crypt-V2:

https://github.com/TinCanTech/easy-tls/wiki/build-and-inline-tls-crypt-v2

Sending the inline files to your Clients

The inline files contain private data which must be shared over a secure channel, such as scp.
Do not send any files to your clients over an insecure channel, such as email.
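
A pre-transfer check for the step above, as an added example that is not part of Easy-TLS: it refuses to send an inline file unless the file carries an inline key block and is closed to group and other users. The function names `inline_ready` and `send_inline` are hypothetical, and the file name and scp destination are placeholders you supply.

```shell
#!/bin/sh
# Added example, not Easy-TLS code. Function names are hypothetical.

# Return 0 only if the file exists, holds inline key material,
# and cannot be accessed by group or other users.
inline_ready() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 2; }
    # OpenVPN inline files embed secrets in blocks such as <key> or <tls-crypt>.
    grep -Eq '^<(key|tls-auth|tls-crypt|tls-crypt-v2)>' "$f" \
        || { echo "no inline key block in $f" >&2; return 3; }
    # Characters 5-10 of the ls mode string are the group/other permission bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] \
        || { echo "group/other can access $f ($perms)" >&2; return 4; }
    return 0
}

# Copy one inline file over scp, refusing if the check fails.
# $1 = inline file, $2 = scp destination (user@host:path); both are placeholders.
send_inline() {
    inline_ready "$1" || return
    scp -p "$1" "$2"
}
```

`scp -p` preserves the file mode, so a file that passed the check keeps its restrictive permissions on the receiving side.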