diff options
author | Othmar Gsenger <otti@anytun.org> | 2007-12-03 09:42:38 +0000 |
---|---|---|
committer | Othmar Gsenger <otti@anytun.org> | 2007-12-03 09:42:38 +0000 |
commit | 58ff485edbe4bb93ebc922d14df24247846132b6 (patch) | |
tree | e98c6412b149024b38550bf7d5dd1ed95e251351 /ssltools/easy-rsa/2.0/vars | |
parent | fixed doxygen bug (diff) |
added ssl tools
Diffstat (limited to 'ssltools/easy-rsa/2.0/vars')
-rwxr-xr-x | ssltools/easy-rsa/2.0/vars | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/ssltools/easy-rsa/2.0/vars b/ssltools/easy-rsa/2.0/vars new file mode 100755 index 0000000..a904547 --- /dev/null +++ b/ssltools/easy-rsa/2.0/vars @@ -0,0 +1,64 @@ +# easy-rsa parameter settings + +# NOTE: If you installed from an RPM, +# don't edit this file in place in +# /usr/share/openvpn/easy-rsa -- +# instead, you should copy the whole +# easy-rsa directory to another location +# (such as /etc/openvpn) so that your +# edits will not be wiped out by a future +# OpenVPN package upgrade. + +# This variable should point to +# the top level of the easy-rsa +# tree. +export EASY_RSA="`pwd`" + +# +# This variable should point to +# the requested executables +# +export OPENSSL="openssl" +export PKCS11TOOL="pkcs11-tool" +export GREP="grep" + + +# This variable should point to +# the openssl.cnf file included +# with easy-rsa. +export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` + +# Edit this variable to point to +# your soon-to-be-created key +# directory. +# +# WARNING: clean-all will do +# a rm -rf on this directory +# so make sure you define +# it correctly! +export KEY_DIR="$EASY_RSA/keys" + +# Issue rm -rf warning +echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR + +# Increase this to 2048 if you +# are paranoid. This will slow +# down TLS negotiation performance +# as well as the one-time DH parms +# generation process. +export KEY_SIZE=1024 + +# In how many days should the root CA key expire? +export CA_EXPIRE=3650 + +# In how many days should certificates expire? +export KEY_EXPIRE=3650 + +# These are the default values for fields +# which will be placed in the certificate. +# Don't leave any of these fields blank. +export KEY_COUNTRY="US" +export KEY_PROVINCE="CA" +export KEY_CITY="SanFrancisco" +export KEY_ORG="Fort-Funston" +export KEY_EMAIL="me@myhost.mydomain" |