]>
Commit | Line | Data |
---|---|---|
0c809860 | 1 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-ca 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 2 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-ca 2007-09-18 14:08:03.688714502 +0300 |
b488f9d4 ER |
3 | @@ -1,8 +1,8 @@ |
4 | -#!/bin/bash | |
5 | +#!/bin/sh | |
6 | ||
7 | # | |
c7b7600d ER |
8 | # Build a root certificate |
9 | # | |
10 | ||
11 | -export EASY_RSA="${EASY_RSA:-.}" | |
12 | -"$EASY_RSA/pkitool" --interact --initca $* | |
13 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
14 | +/usr/sbin/pkitool --interact --initca $* | |
0c809860 | 15 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-dh 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 16 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-dh 2007-09-18 14:08:03.688714502 +0300 |
58e28305 | 17 | @@ -1,10 +1,13 @@ |
b488f9d4 ER |
18 | -#!/bin/bash |
19 | +#!/bin/sh | |
c7b7600d ER |
20 | |
21 | # Build Diffie-Hellman parameters for the server side | |
22 | # of an SSL/TLS connection. | |
23 | +if [ -z "$EASY_RSA" ]; then | |
24 | + . /etc/easy-rsa/vars | |
25 | +fi | |
26 | ||
27 | if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then | |
58e28305 ER |
28 | - $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE} |
29 | + openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE} | |
30 | else | |
31 | echo 'Please source the vars script first (i.e. "source ./vars")' | |
32 | echo 'Make sure you have edited it to reflect your configuration.' | |
0c809860 | 33 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-inter 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 34 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-inter 2007-09-18 14:08:03.688714502 +0300 |
b488f9d4 ER |
35 | @@ -1,7 +1,7 @@ |
36 | -#!/bin/bash | |
37 | +#!/bin/sh | |
38 | ||
c7b7600d ER |
39 | # Make an intermediate CA certificate/private key pair using a locally generated |
40 | # root certificate. | |
41 | ||
42 | -export EASY_RSA="${EASY_RSA:-.}" | |
43 | -"$EASY_RSA/pkitool" --interact --inter $* | |
44 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
45 | +/usr/sbin/pkitool --interact --inter $* | |
0c809860 | 46 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-key 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 47 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key 2007-09-18 14:08:03.688714502 +0300 |
b488f9d4 ER |
48 | @@ -1,7 +1,7 @@ |
49 | -#!/bin/bash | |
50 | +#!/bin/sh | |
51 | ||
c7b7600d ER |
52 | # Make a certificate/private key pair using a locally generated |
53 | # root certificate. | |
54 | ||
55 | -export EASY_RSA="${EASY_RSA:-.}" | |
56 | -"$EASY_RSA/pkitool" --interact $* | |
57 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
58 | +/usr/sbin/pkitool --interact $* | |
0c809860 | 59 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pass 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 60 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pass 2007-09-18 14:08:03.688714502 +0300 |
b488f9d4 ER |
61 | @@ -1,7 +1,7 @@ |
62 | -#!/bin/bash | |
63 | +#!/bin/sh | |
64 | ||
c7b7600d ER |
65 | # Similar to build-key, but protect the private key |
66 | # with a password. | |
67 | ||
68 | -export EASY_RSA="${EASY_RSA:-.}" | |
69 | -"$EASY_RSA/pkitool" --interact --pass $* | |
70 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
71 | +/usr/sbin/pkitool --interact --pass $* | |
0c809860 | 72 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pkcs12 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 73 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pkcs12 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
74 | @@ -1,8 +1,8 @@ |
75 | -#!/bin/bash | |
76 | +#!/bin/sh | |
77 | ||
78 | # Make a certificate/private key pair using a locally generated | |
c7b7600d ER |
79 | # root certificate and convert it to a PKCS #12 file including the |
80 | # the CA certificate as well. | |
81 | ||
82 | -export EASY_RSA="${EASY_RSA:-.}" | |
83 | -"$EASY_RSA/pkitool" --interact --pkcs12 $* | |
84 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
85 | +/usr/sbin/pkitool --interact --pkcs12 $* | |
0c809860 | 86 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-key-server 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 87 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-server 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
88 | @@ -1,4 +1,4 @@ |
89 | -#!/bin/bash | |
90 | +#!/bin/sh | |
c7b7600d | 91 | |
b488f9d4 ER |
92 | # Make a certificate/private key pair using a locally generated |
93 | # root certificate. | |
0c809860 ER |
94 | @@ -6,5 +6,5 @@ |
95 | # Explicitly set nsCertType to server using the "server" | |
96 | # extension in the openssl.cnf file. | |
97 | ||
c7b7600d ER |
98 | -export EASY_RSA="${EASY_RSA:-.}" |
99 | -"$EASY_RSA/pkitool" --interact --server $* | |
100 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
101 | +/usr/sbin/pkitool --interact --server $* | |
0c809860 | 102 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-req 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 103 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
104 | @@ -1,7 +1,7 @@ |
105 | -#!/bin/bash | |
106 | +#!/bin/sh | |
107 | ||
c7b7600d ER |
108 | # Build a certificate signing request and private key. Use this |
109 | # when your root certificate and key is not available locally. | |
110 | ||
111 | -export EASY_RSA="${EASY_RSA:-.}" | |
112 | -"$EASY_RSA/pkitool" --interact --csr $* | |
113 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
114 | +/usr/sbin/pkitool --interact --csr $* | |
0c809860 | 115 | --- openvpn-2.1_rc4/easy-rsa/2.0/build-req-pass 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 116 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req-pass 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
117 | @@ -1,7 +1,7 @@ |
118 | -#!/bin/bash | |
119 | +#!/bin/sh | |
120 | ||
c7b7600d ER |
121 | # Like build-req, but protect your private key |
122 | # with a password. | |
123 | ||
124 | -export EASY_RSA="${EASY_RSA:-.}" | |
125 | -"$EASY_RSA/pkitool" --interact --csr --pass $* | |
126 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
127 | +/usr/sbin/pkitool --interact --csr --pass $* | |
0c809860 | 128 | --- openvpn-2.1_rc4/easy-rsa/2.0/clean-all 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 129 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/clean-all 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
130 | @@ -1,9 +1,13 @@ |
131 | -#!/bin/bash | |
132 | +#!/bin/sh | |
133 | ||
134 | # Initialize the $KEY_DIR directory. | |
c7b7600d ER |
135 | # Note that this script does a |
136 | # rm -rf on $KEY_DIR so be careful! | |
137 | ||
138 | +if [ -z "$EASY_RSA" ]; then | |
139 | + . /etc/easy-rsa/vars | |
140 | +fi | |
141 | + | |
142 | if [ "$KEY_DIR" ]; then | |
143 | rm -rf "$KEY_DIR" | |
144 | mkdir "$KEY_DIR" && \ | |
0c809860 | 145 | --- openvpn-2.1_rc4/easy-rsa/2.0/inherit-inter 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 146 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/inherit-inter 2007-09-18 14:08:03.698714729 +0300 |
b488f9d4 ER |
147 | @@ -1,4 +1,4 @@ |
148 | -#!/bin/bash | |
149 | +#!/bin/sh | |
150 | ||
151 | # Build a new PKI which is rooted on an intermediate certificate generated | |
152 | # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should | |
c7b7600d ER |
153 | @@ -9,6 +9,10 @@ |
154 | # To build an intermediate CA, follow the same steps for a regular PKI but | |
155 | # replace ./build-key or ./pkitool --initca with this script. | |
156 | ||
157 | +if [ -z "$EASY_RSA" ]; then | |
158 | + . /etc/easy-rsa/vars | |
159 | +fi | |
160 | + | |
161 | # The EXPORT_CA file will contain the CA certificate chain and should be | |
162 | # referenced by the OpenVPN "ca" directive in config files. The ca.crt file | |
163 | # will only contain the local intermediate CA -- it's needed by the easy-rsa | |
0c809860 | 164 | --- openvpn-2.1_rc4/easy-rsa/2.0/list-crl 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 165 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/list-crl 2007-09-18 14:08:03.698714729 +0300 |
58e28305 | 166 | @@ -1,12 +1,15 @@ |
b488f9d4 ER |
167 | -#!/bin/bash |
168 | +#!/bin/sh | |
c7b7600d ER |
169 | |
170 | # list revoked certificates | |
171 | +if [ -z "$EASY_RSA" ]; then | |
172 | + . /etc/easy-rsa/vars | |
173 | +fi | |
174 | ||
175 | CRL="${1:-crl.pem}" | |
176 | ||
58e28305 ER |
177 | if [ "$KEY_DIR" ]; then |
178 | cd "$KEY_DIR" && \ | |
179 | - $OPENSSL crl -text -noout -in "$CRL" | |
180 | + openssl crl -text -noout -in "$CRL" | |
181 | else | |
182 | echo 'Please source the vars script first (i.e. "source ./vars")' | |
183 | echo 'Make sure you have edited it to reflect your configuration.' | |
0c809860 | 184 | --- openvpn-2.1_rc4/easy-rsa/2.0/pkitool 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 185 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/pkitool 2007-09-18 14:08:59.219977182 +0300 |
0c809860 ER |
186 | @@ -39,6 +39,10 @@ |
187 | exit 1 | |
188 | } | |
c7b7600d ER |
189 | |
190 | +if [ -z "$EASY_RSA" ]; then | |
191 | + . /etc/easy-rsa/vars | |
192 | +fi | |
193 | + | |
194 | need_vars() | |
195 | { | |
196 | echo ' Please edit the vars script to reflect your configuration,' | |
198d1d7f ER |
197 | @@ -164,16 +168,16 @@ |
198 | if [ -z "$PKCS11_LABEL" ]; then | |
199 | die "Please specify library name, slot and label" | |
200 | fi | |
201 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \ | |
202 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \ | |
203 | --label "$PKCS11_LABEL" && | |
204 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT" | |
205 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT" | |
206 | exit $?;; | |
207 | --pkcs11-slots) | |
208 | PKCS11_MODULE_PATH="$2" | |
209 | if [ -z "$PKCS11_MODULE_PATH" ]; then | |
210 | die "Please specify library name" | |
211 | fi | |
212 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-slots | |
213 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --list-slots | |
214 | exit 0;; | |
215 | --pkcs11-objects) | |
216 | PKCS11_MODULE_PATH="$2" | |
217 | @@ -181,7 +185,7 @@ | |
218 | if [ -z "$PKCS11_SLOT" ]; then | |
219 | die "Please specify library name and slot" | |
220 | fi | |
221 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT" | |
222 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT" | |
223 | exit 0;; | |
224 | ||
225 | # errors | |
58e28305 ER |
226 | @@ -192,7 +196,7 @@ |
227 | done | |
228 | ||
229 | if ! [ -z "$BATCH" ]; then | |
230 | - if $OPENSSL version | grep 0.9.6 > /dev/null; then | |
231 | + if openssl version | grep 0.9.6 > /dev/null; then | |
232 | die "Batch mode is unsupported in openssl<0.9.7" | |
233 | fi | |
234 | fi | |
235 | @@ -285,7 +289,7 @@ | |
236 | ||
237 | # Make sure $KEY_CONFIG points to the correct version | |
238 | # of openssl.cnf | |
239 | - if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then | |
240 | + if grep -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then | |
241 | : | |
242 | else | |
243 | echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong" | |
244 | @@ -296,7 +300,7 @@ | |
245 | ||
246 | # Build root CA | |
247 | if [ $DO_ROOT -eq 1 ]; then | |
248 | - $OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \ | |
249 | + openssl req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \ | |
250 | -x509 -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \ | |
251 | chmod 0600 "$CA.key" | |
252 | else | |
198d1d7f ER |
253 | @@ -319,7 +323,7 @@ |
254 | export PKCS11_PIN | |
255 | ||
256 | echo "Generating key pair on PKCS#11 token..." | |
257 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --keypairgen \ | |
258 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --keypairgen \ | |
259 | --login --pin "$PKCS11_PIN" \ | |
260 | --key-type rsa:1024 \ | |
261 | --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" || exit 1 | |
262 | @@ -327,19 +331,19 @@ | |
58e28305 ER |
263 | fi |
264 | ||
265 | # Build cert/key | |
266 | - ( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \ | |
267 | + ( [ $DO_REQ -eq 0 ] || openssl req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \ | |
86204cf2 AM |
268 | -keyout "$FN.key" -out "$FN.csr" $REQ_EXT -config "$KEY_CONFIG" $PKCS11_ARGS ) && \ |
269 | - ( [ $DO_CA -eq 0 ] || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \ | |
270 | + ( [ $DO_CA -eq 0 ] || openssl ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \ | |
271 | -in "$FN.csr" $CA_EXT -md sha1 -config "$KEY_CONFIG" ) && \ | |
272 | - ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$FN.key" \ | |
273 | + ( [ $DO_P12 -eq 0 ] || openssl pkcs12 -export -inkey "$FN.key" \ | |
274 | -in "$FN.crt" -certfile "$CA.crt" -out "$FN.p12" $NODES_P12 ) && \ | |
275 | ( [ $DO_CA -eq 0 -o $DO_P11 -eq 1 ] || chmod 0600 "$FN.key" ) && \ | |
276 | ( [ $DO_P12 -eq 0 ] || chmod 0600 "$FN.p12" ) | |
58e28305 ER |
277 | |
278 | # Load certificate into PKCS#11 token | |
279 | if [ $DO_P11 -eq 1 ]; then | |
86204cf2 AM |
280 | - $OPENSSL x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \ |
281 | - $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \ | |
282 | + openssl x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \ | |
283 | + pkcs11-tool --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \ | |
58e28305 ER |
284 | --login --pin "$PKCS11_PIN" \ |
285 | --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" | |
86204cf2 | 286 | [ -e "$FN.crt.der" ]; rm "$FN.crt.der" |
0c809860 | 287 | --- openvpn-2.1_rc4/easy-rsa/2.0/revoke-full 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 288 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/revoke-full 2007-09-18 14:08:03.698714729 +0300 |
0c809860 | 289 | @@ -1,7 +1,10 @@ |
b488f9d4 ER |
290 | -#!/bin/bash |
291 | +#!/bin/sh | |
292 | ||
efaea372 ER |
293 | # revoke a certificate, regenerate CRL, |
294 | # and verify revocation | |
295 | +if [ -z "$EASY_RSA" ]; then | |
296 | + . /etc/easy-rsa/vars | |
297 | +fi | |
298 | ||
299 | CRL="crl.pem" | |
300 | RT="revoke-test.pem" | |
58e28305 | 301 | @@ -20,11 +23,11 @@ |
efaea372 ER |
302 | export KEY_OU="" |
303 | ||
304 | # revoke key and generate a new CRL | |
4add1621 | 305 | - $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG" |
58e28305 | 306 | + openssl ca -revoke "$1" -config "$KEY_CONFIG" |
efaea372 ER |
307 | |
308 | # generate a new CRL -- try to be compatible with | |
309 | # intermediate PKIs | |
58e28305 ER |
310 | - $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG" |
311 | + openssl ca -gencrl -out "$CRL" -config "$KEY_CONFIG" | |
312 | if [ -e export-ca.crt ]; then | |
313 | cat export-ca.crt "$CRL" >"$RT" | |
314 | else | |
0c809860 | 315 | @@ -32,7 +35,7 @@ |
efaea372 ER |
316 | fi |
317 | ||
318 | # verify the revocation | |
4add1621 | 319 | - $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt" |
58e28305 | 320 | + openssl verify -CAfile "$RT" -crl_check "$1" |
efaea372 ER |
321 | else |
322 | echo 'Please source the vars script first (i.e. "source ./vars")' | |
323 | echo 'Make sure you have edited it to reflect your configuration.' | |
0c809860 | 324 | --- openvpn-2.1_rc4/easy-rsa/2.0/sign-req 2007-04-26 00:38:44.000000000 +0300 |
198d1d7f | 325 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/sign-req 2007-09-18 14:08:03.698714729 +0300 |
0c809860 ER |
326 | @@ -1,7 +1,7 @@ |
327 | -#!/bin/bash | |
328 | +#!/bin/sh | |
329 | ||
330 | # Sign a certificate signing request (a .csr file) | |
331 | # with a local root certificate and key. | |
332 | ||
333 | -export EASY_RSA="${EASY_RSA:-.}" | |
334 | -"$EASY_RSA/pkitool" --interact --sign $* | |
335 | +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}" | |
336 | +/usr/sbin/pkitool --interact --sign $* | |
337 | --- openvpn-2.1_rc4/easy-rsa/2.0/vars 2007-04-26 00:38:44.000000000 +0300 | |
198d1d7f | 338 | +++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/vars 2007-09-18 14:08:03.698714729 +0300 |
58e28305 | 339 | @@ -12,21 +12,12 @@ |
0c809860 ER |
340 | # This variable should point to |
341 | # the top level of the easy-rsa | |
342 | # tree. | |
343 | -export EASY_RSA="`pwd`" | |
58e28305 ER |
344 | - |
345 | -# | |
346 | -# This variable should point to | |
347 | -# the requested executables | |
348 | -# | |
349 | -export OPENSSL="openssl" | |
350 | -export PKCS11TOOL="pkcs11-tool" | |
351 | -export GREP="grep" | |
352 | - | |
0c809860 ER |
353 | +export EASY_RSA="/etc/easy-rsa" |
354 | ||
294ec36a ER |
355 | # This variable should point to |
356 | # the openssl.cnf file included | |
357 | # with easy-rsa. | |
358 | -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` | |
359 | +export KEY_CONFIG="$EASY_RSA/openssl.cnf" | |
360 | ||
361 | # Edit this variable to point to | |
362 | # your soon-to-be-created key | |
58e28305 | 363 | @@ -38,9 +29,6 @@ |
0c809860 ER |
364 | # it correctly! |
365 | export KEY_DIR="$EASY_RSA/keys" | |
366 | ||
367 | -# Issue rm -rf warning | |
368 | -echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR | |
369 | - | |
a36b95f8 AG |
370 | # PKCS11 fixes |
371 | export PKCS11_MODULE_PATH="dummy" | |
372 | export PKCS11_PIN="dummy" |