Easy-TLS is an Easy-RSA extension utility to help manage:
- Easy-RSA based x509 security credentials
- OpenVPN specific TLS keys
- Verified
Inlinefiles for use with OpenVPN - Concise OpenVPN TLS-Crypt-V2 Client Key Metadata definition
- X509 Certificate and matched Easy-TLS Inline-file Expiry management tools
- Complete Inter-active Menus
EasyTLS scripts to interogate EasyTLS-CryptV2 metadata:
easytls-cryptv2-verify.sh- TLS-Crypt-V2 key metadata access policy tool.easytls-verify.sh- TLS and X509 level access policy tool.easytls-client-connect.sh- Hardware-address access policy tool.
Simply copy easytls to your easyrsa working directory.
For full support, you will also need these scripts for use by your OpenVPN Server:
-
easytls-cryptv2-verify.sh
This script is used by Openvpn-Server to manage TLS-Crypt-V2 Metadata access policy rules. -
easytls-verify.sh
This script is is used by Openvpn-Server to manage TLS verification.
Required for EasyTLS hardware-address access policy rules. -
easytls-cryptv2-client-connect.sh
This script is used by Openvpn-Server to manage hardware-address access policy rules.
easytls is intended to work everywhere that openvpn and easyrsa work.
- Easy-RSA Version 3.0.5+
- OpenVPN Version 2.5.0+
Please use the issues section here on github.
For live support you can use IRC channel: libera.chat/#easytls
Wiki: https://github.com/TinCanTech/easy-tls/wiki
Howto: https://github.com/TinCanTech/easy-tls/blob/master/EasyTLS-Howto-ii.md
Easy-TLS is written in the style of and borrows heavily from Easy-RSA
See: https://github.com/OpenVPN/easy-rsa
Note:
This is intended to facilitate maximum compatibility with Easy-RSA while extending functionality
to include direct support for OpenVPN specific TLS keys and Inline credentials.
Easy-TLS is inspired by syzzer
See: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt