./security/easy-rsa, CLI utility to build and manage a PKI CA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.0.7, Package name: easy-rsa-3.0.7, Maintainer: pkgsrc-users

easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
this means to create a root certificate authority, and request and sign
certificates, including sub-CAs and certificate revokation lists (CRL).


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 0f08ae1b5fc32c9867d3623f13c2520082af6ca2
RMD160: 6c36cb7147a52eaa3878711049b27da210305fde
Filesize: 47.085 KB

Version history: (Expand)


CVS history: (Expand)


   2020-04-03 10:27:05 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
easy-rsa: updated to 3.0.7

3.0.7:
Include OpenSSL libs and binary for Windows 1.1.0j
Remove RANDFILE environment variable
Workaround for bug in win32 mktemp
Handle IP address in SAN and renewals
Workaround for ash and no set -o echo
Shore up windows testing framework
Provide upgrade mechanism for older versions of EasyRSA
Add support for KDC certificates
Add support for Edward Curves
Add support for EASYRSA_PASSIN and EASYRSA_PASSOUT env vars
Add support for RID to SAN
   2019-02-06 09:07:59 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
easy-rsa: updated to 3.0.6

3.0.6:
Certifcates that are revoked now move to a revoked subdirectory
EasyRSA no longer clobbers non-EASYRSA environment variables
More sane string checking, allowingn for commas in CN
Support for reasonCode in CRL
Better handling for capturing passphrases
Improved LibreSSL/MacOS support
Adds support to renew certificates up to 30 days before expiration
This changes previous behavior allowing for certificate creation using
duplicate CNs.
   2018-10-11 11:13:30 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
easy-rsa: updated to 3.0.5

3.0.5:
Fix: use AES256 for CA key
Also, don't use read -s, use stty -echo
Fix broken "nopass" option
Add -r to read to stop errors reported by shellcheck (and to behave)
remove overzealous quotes around $pkcs_opts (more SC errors)
Support for LibreSSL (now works on latest version of MacOS)
EasyRSA version will be reported in certificate comments
Client certificates now expire in 3 year (1080 days) by default
   2018-07-04 15:40:45 by Jonathan Perkin | Files touched by this commit (423)
Log message:
*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
   2018-06-24 09:31:09 by Adam Ciarcinski | Files touched by this commit (6)
Log message:
easy-rsa: downgraded to 3.0.4 (3.0.5 has not been released)
   2018-01-30 15:34:06 by Makoto Fujiwara | Files touched by this commit (3) | Package updated
Log message:
Updated security/easy-rsa to 3.0.5

3.0.5
   * Fix #17 & #58: use AES256 for CA key
        * Also, don't use read -s, use stty -echo

3.0.4
    * Remove use of egrep (#154)
    * Integrate with Travis-CI (#165)
    * Remove "local" from variable assignment (#165)
        * Other changes related to Travis-CI fixes
        * Assign values to variables defined previously w/local
    * Finally(?) fix the subjectAltName issues I presented earlier (really
    fixes #168
   2018-01-15 10:26:23 by John Nemeth | Files touched by this commit (3)
Log message:
set sane default location for config file
   2017-12-04 08:19:55 by Thomas Klausner | Files touched by this commit (2)
Log message:
easy-rsa: remove DIST_SUBDIR, not necessary