./security/easy-rsa, CLI utility to build and manage a PKI CA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.0.8, Package name: easy-rsa-3.0.8, Maintainer: pkgsrc-users

easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
this means to create a root certificate authority, and request and sign
certificates, including sub-CAs and certificate revokation lists (CRL).


Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 47.761 KB

Version history: (Expand)

CVS history: (Expand)


   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) 
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) 
Log message:
security: Remove SHA1 hashes for distfiles
   2020-11-17 13:14:17 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
easy-rsa: updated to 3.0.8

3.0.8 (2020-09-09)
* Provide --version option
* Version information now within generated certificates like on *nix
* Fixed issue where gen-dh overwrote existing files without warning
* Fixed issue with ED/EC certificates were still signed by RSA
* Added support for export-p8
* Clarified error message
* 2->3 upgrade now errors and prints message when vars isn't found
* Update OpenSSL Windows binaries to 1.1.1g
   2020-04-03 10:27:05 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
easy-rsa: updated to 3.0.7

3.0.7:
Include OpenSSL libs and binary for Windows 1.1.0j
Remove RANDFILE environment variable
Workaround for bug in win32 mktemp
Handle IP address in SAN and renewals
Workaround for ash and no set -o echo
Shore up windows testing framework
Provide upgrade mechanism for older versions of EasyRSA
Add support for KDC certificates
Add support for Edward Curves
Add support for EASYRSA_PASSIN and EASYRSA_PASSOUT env vars
Add support for RID to SAN
   2019-02-06 09:07:59 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
easy-rsa: updated to 3.0.6

3.0.6:
Certifcates that are revoked now move to a revoked subdirectory
EasyRSA no longer clobbers non-EASYRSA environment variables
More sane string checking, allowingn for commas in CN
Support for reasonCode in CRL
Better handling for capturing passphrases
Improved LibreSSL/MacOS support
Adds support to renew certificates up to 30 days before expiration
This changes previous behavior allowing for certificate creation using
duplicate CNs.
   2018-10-11 11:13:30 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
easy-rsa: updated to 3.0.5

3.0.5:
Fix: use AES256 for CA key
Also, don't use read -s, use stty -echo
Fix broken "nopass" option
Add -r to read to stop errors reported by shellcheck (and to behave)
remove overzealous quotes around $pkcs_opts (more SC errors)
Support for LibreSSL (now works on latest version of MacOS)
EasyRSA version will be reported in certificate comments
Client certificates now expire in 3 year (1080 days) by default
   2018-07-04 15:40:45 by Jonathan Perkin | Files touched by this commit (423) 
Log message:
*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
   2018-06-24 09:31:09 by Adam Ciarcinski | Files touched by this commit (6) 
Log message:
easy-rsa: downgraded to 3.0.4 (3.0.5 has not been released)