Skip to content

Introduction

Jump to bottom Edit New page
TinCanTech edited this page Jan 9, 2022 · 3 revisions

Easy-TLS script does not require root access to your system.

  • easytls - For building your TLS environment.

Easy-TLS Server-side verification scripts require the same access to your system as your Openvpn Server:

  • easytls-cryptv2-verify.sh - TLS-Crypt-V2 key verification and access tool.
  • easytls-client-connect.sh - Hardware-address verification and access and connection tracking tool.
  • easytls-client-disconnect.sh - Connection tracking tool.

Easy-TLS is intended to:

  • Generate OpenVPN specific TLS keys
  • Generate OpenVPN specific .inline files, which include:
    • OpenVPN specific TLS keys and required settings
    • Easy-RSA generated x509 Public Key Infra-structure
  • Marshal requirements to maintain valid .inline status

Minimum requirements:

  • Openvpn 2.5
  • Easy-RSA 3.0.7

Supports all "popular" OS:

  • Minimum requirement: All code must be compatible with EasyRSA3 for Windows.

Installation:

  • Download: easytls to your easyrsa3 working directory.
  • Windows users must start Easy-RSA using EasyRSA-Start.bat to start the shell
    and then use ./easytls in the same way you would use ./easyrsa.

Full Installation:

Also download the following scripts:

Howto and wiki:

Usage:

  • Start like this:
    ./easytls init-tls
    ./easytls build
    ./easytls inline
    ./easytls remove
    ./easytls scripts
    ./easytls help
    ./easytls help <command> - Show specific help for <command>
    ./easytls help options - Show options help
    ./easytls help abb - Show abbreviations
    ./easytls help config - Show configuration elements

  • For No-CA mode (a.k.a. Peer-fingerprint / selfsigned mode):
    ./easytls init-tls no-ca
    ./easytls selfsign

Needs updating

Add a custom sidebar
Clone this wiki locally