-
-
Notifications
You must be signed in to change notification settings - Fork 21
build and inline tls crypt
TinCanTech edited this page Aug 2, 2021
·
1 revision
This page describes how to build and inline a TLS-Crypt key
These steps must be done in the order shown.
Use Easy-TLS inter-active build
menu:
-
./easytls build
-
Select
[2] TLS-Crypt-V1 key - Basic TLS-crypt-v1 pre-shared key
Command line to build a TLS Auth key:
./easytls btc
Use Easy-TLS inter-active inline
menu:
-
./easytls inline
-
Select
[3] Inline-file with TLS-Crypt-V1 key for Server
- Enter the name of your server common-name. eg:
server
- Press enter: You do have the private key for this X509 certificate.
Press enter: You can not use a Diffie-Hellman parameters file in No-CA mode.- Type
yes
: The file you will over-write will be correctly recreated with a TLS-AUTH inline file.
Command line to inline a TLS-Crypt key with a Server certificate:
./easytls itc <server-name>
- Enter the name of your server common-name. eg:
Use Easy-TLS inter-active inline
menu:
-
./easytls inline
-
Select
[4] Inline-file with TLS-Crypt-V1 key for Client
- Enter the name of your client common-name. eg:
alice
- Press enter: You do have the private key for this X509 certificate.
- Enter the common-name of your Server (eg:
server
) to automatically share peer-fingerprints. - Type
yes
: The file you will over-write will be correctly recreated with a TLS-Crypt inline file.
Command line to inline a TLS-Crypt key with a Client certificate:
-
./easytls -r=<server-name> itc <client-name>
The-r|--ss-peer-fingerprint
option tells the command the name of the server to share this client fingerprint with.
- Enter the name of your client common-name. eg: