From that list above, the only file which you need is: easytls
Easy-TLS is an Easy-RSA extension utility to help manage:
- Easy-RSA based x509 security credentials
- OpenVPN specific TLS keys
- Verified
Inlinefiles for use with OpenVPN - Concise OpenVPN TLS-Crypt-V2 Client Key Metadata definition
- X509 Certificate and matched Easy-TLS Inline-file Expiry management tools
- Substantial Inter-active Menus
Easy-TLS also supports No-CA mode, which does not require an Easy-RSA CA:
- Use Easy-TLS to build self-signed X509 Certificates and keys.
Download: easytls to your easyrsa3 working directory.
For full support, you will also need these scripts for use by your OpenVPN Server:
-
easytls-cryptv2-verify.sh (1)- Can be used stand-alone
Used by Openvpn-Server to enforce TLS-Crypt-V2metadataaccess policy rules. -
easytls-client-connect.sh (2)- Requires script(1)(3)
Used by Openvpn-Server to enforceTLS-Key-typeandaddress-filteraccess policy rules. -
easytls-client-disconnect.sh (3)- Requires script(1)(2)
This Disconnect script is required by the Connect script. -
Optional -
easytls-conntrac.lib- Requires script(1)(2)(3)
Connection tracking plug-in, required for optional connection tracking.
easytls is intended to work everywhere that openvpn and easyrsa work.
- Easy-RSA Version 3.0.6+
- OpenVPN Version 2.5.0+
Please use the issues section here on github.
For live support you can use IRC channel: libera.chat/#easytls
Wiki: https://github.com/TinCanTech/easy-tls/wiki
Howto: https://github.com/TinCanTech/easy-tls/blob/master/EasyTLS-Howto-ii.md
Easy-TLS is written in the style of and borrows heavily from Easy-RSA
See: https://github.com/OpenVPN/easy-rsa
Note:
This is intended to facilitate maximum compatibility with Easy-RSA while extending functionality
to include direct support for OpenVPN specific TLS keys and Inline credentials.
See: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt
I hope that you find Easy-TLS to be a useful tool.
