Log Message:
easy-rsa: updated to 3.2.0

EasyRSA v3.2.0 - Most significant changes

New commands:

self-sign-server and self-sign-client
Create self-signed certificates for use with OpenVPN Peer Fingerprint mode.
These certificates comply with other EasyRSA signing policies.

expire
Selectively move certificates from the issued/ to expired/ directory.
This allows a new certificate to be signed from the original signing request file.
This allows all custom signing options to be applied as required.
This replaces the old command renew, which has been removed.
Further details: doc/EasyRSA-Renew-and-Revoke.md

write
Create legacy support files: openssl-easyrsa.cnf, x509-types/* and vars.example.
This allows EasyRSA to be used without having copies of the support files installed.

Removed commands:

renew
Replaced by command expire, followed by command sign-req.
This allows all custom options to be used when signing, which renew did not.

rebuild and rewind-renew
No longer required.

upgrade
No longer supported.

New Global Option:

--new-subject -- Command sign-req option: newsubj
Edit Request Subject during command sign-req

New files:

easyrsa-tools.lib
Moved code for commands show-expire, show-revoke and show-renew to the new file.
easyrsa-tools.lib is auto-loaded, if it is found in a supported location. eg. $pwd