Skip to content

Manage and Inline OpenVPN TLS keys and Easy-RSA PKI credentials. Supports OpenVPN TLS-Crypt-V2 key system and OpenVPN Peer-Fingerprint mode.

License

Notifications You must be signed in to change notification settings

TinCanTech/easy-tls

Repository files navigation

CI

Easy-TLS

From that list above, the only file which you need is: easytls

Standard Features

Easy-TLS is an Easy-RSA extension utility to help manage:

  • Easy-RSA based x509 security credentials
  • OpenVPN specific TLS keys
  • Verified Inline files for use with OpenVPN
  • Concise OpenVPN TLS-Crypt-V2 Client Key Metadata definition
  • X509 Certificate and matched Easy-TLS Inline-file Expiry management tools
  • Substantial Inter-active Menus

Additional Features

Easy-TLS also supports No-CA mode, which does not require an Easy-RSA CA:

  • Use Easy-TLS to build self-signed X509 Certificates and keys.

Installation

Download: easytls to your easyrsa3 working directory.

For full support, you will also need these scripts for use by your OpenVPN Server:

Environment

easytls is intended to work everywhere that openvpn and easyrsa work.

Requirements

  • Easy-RSA Version 3.0.6+
  • OpenVPN Version 2.5.0+

Support

Please use the issues section here on github.
For live support you can use IRC channel: libera.chat/#easytls
Wiki: https://github.com/TinCanTech/easy-tls/wiki
Howto: https://github.com/TinCanTech/easy-tls/blob/master/EasyTLS-Howto-ii.md

Acknowledgements

Easy-TLS is written in the style of and borrows heavily from Easy-RSA
See: https://github.com/OpenVPN/easy-rsa
Note:
This is intended to facilitate maximum compatibility with Easy-RSA while extending functionality
to include direct support for OpenVPN specific TLS keys and Inline credentials.

Easy-TLS is inspired by syzzer

See: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt

I hope that you find Easy-TLS to be a useful tool.