-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
------- Original Message ------- On Friday, March 3rd, 2023 at 15:03, Bo Berglund <bo.bergl...@gmail.com> wrote: > On Fri, 03 Mar 2023 14:40:01 +0100, Bo Berglund bo.bergl...@gmail.com wrote: > > > So I have created a new "easy-rsa" dir by doing this: > > > > wget > > https://github.com/OpenVPN/easy-rsa/releases/download/v3.1.2/EasyRSA-3.1.2.tgz > > tar -xvf EasyRSA-3.1.2.tgz > > > > This gives me a new EasyRSA-3.1. subdir in parallel with the existinf > > easy-rsa > > dir. > > > > Then inside that I did: > > > > cp -r ../easy-rsa/keys ./ > > > > So now I have a copy of the active keys dir from version 2 inside the > > version > > 3 dir. > > > > Is this then ready to execute the upgrade command? > > > > easyrsa upgrade pki > > > > Note that the keys dir contains a whole lot of client related files as well, > > four files for each client (Name.3des.key, Name.crt, Name.csr and Name.key) > > > > These have been used to create the ovpn files for each client, which are > > stored > > in a "clients" subdir of easy-rsa. > > > So I have now read the vars file and found that on EasyRSA-3.1.2 it seems like > the keys directory is now named pki rather than keys... > > Does the upgrade read the ./keys dir and put converted data into ./pki ?? > The upgrade is intended to create a v3 ./pki from a v2 ./keys folder. Certificates are copied to ./pki/issued. Keys are copied to ./pki/private. A new vars file is built from settings in the current vars file. A new openssl-easyrsa.cnf file is created. Old program files from EasyRSA v2 are archived away. Note: A Test run is executed first. All of your current files are saved to ./VERY-SAFE-PKI PKCS files are not managed by the upgrade. Revoked certificates are not moved to the revoked storage folder. The simple answer is, try it! Thanks Richard -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAnBQJkAhYaCRBPl5z2a5C4nRYhBAm8PURno41yecVVVU+XnPZr kLidAADqwgf/bRg7Ol9UJo2aiR2dYYPI/8TfstkP6PyYJtXHhUzMp36vjnmU 3vD8GINNuztR7wUbOE9VbHVuQC1jIpUS2gyc4COCkFtUE/0inLjeLUkl3rEh idvAmKjweKVq31qsQEz7lwM8voIhHJQ+8nPwWNpjzSZGH9May3OcvJE+rwwv zkNLug1lvQgg1C7+cvOH+zUsuTYPkhOeWIY5xkf7ISDEDSrde5bfU2cNvNK6 SeRE1Dsh3p/YsqkPz3i16trdLXx/aS0yJE7ZsCh2AzSQ75c6Pskf1n3Isb97 BBF/yOqWr2C/t+BpZMkOTdRCu8S5w8+cKIP7WePNpe+Gw6LrGvKNXA== =QbGQ -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
