Package: easy-rsa Version: 3.0.4-2 Severity: wishlist The easyrsa-openssl.cnf file created by make-cadir is a copy of the default easy-rsa openssl-easyrsa.cnf file. I think it would be better to generate an openssl-easyrsa.cnf that uses the OpenSSL 1.1.1 .include directive to include the default file and then allow admins to add lines overriding the defaults. This way if the defaults change, they also get automatically updated for existing easy-rsa managed dirs.
-- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages easy-rsa depends on: ii openssl 1.1.1-1 Versions of packages easy-rsa recommends: pn opensc <none> easy-rsa suggests no packages. -- no debconf information -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part