Jérémy Dubois
fdf9357792
Fix mode of shellpki script in README file when installing it
2022-12-13 19:40:52 +01:00
Jérémy Dubois
d04d68f6cb
Release 22.12.2
2022-12-13 17:46:50 +01:00
Jérémy Dubois
514cd2e50f
Defaults default_crl_days to 2 years instead of 1
2022-12-13 17:43:45 +01:00
Jérémy Dubois
30ef252ff5
Fix ${CRL} and ${CA_DIR} rights so that CRL file can be read by openvpn
2022-12-13 17:41:31 +01:00
Jérémy Dubois
e0c29cfcf1
Release 22.12.1
2022-12-02 18:04:11 +01:00
Jérémy Dubois
2afa4ab449
update CHANGELOG
2022-12-02 16:32:22 +01:00
Jérémy Dubois
a750b71e05
Fix path variables in cert-expirations.sh
2022-12-02 16:15:18 +01:00
Jérémy Dubois
24249d829c
cert-expirations.sh: check CARP state only when checking ca and certs expirations
2022-12-02 15:08:31 +01:00
Jérémy Dubois
7382947fc3
Release 22.12
2022-12-01 16:50:41 +01:00
Jérémy Dubois
bd5e02bb87
Use functions in cert-expirations.sh
2022-12-01 16:42:35 +01:00
Jérémy Dubois
e33722d440
Improved cert-expirations.sh for better readability of its ouput
2022-12-01 15:35:11 +01:00
Jérémy Dubois
467ea5fe3d
update CHANGELOG
2022-09-06 14:36:14 +02:00
Jérémy Dubois
3b3e0b01bf
Merge branch 'openssl-pkey' into dev
2022-09-06 14:29:30 +02:00
Jérémy Dubois
34b53e63f2
The key file can be read and written only by the owner
2022-08-31 11:35:12 +02:00
Jérémy Dubois
e886ca9549
Update README : how to create or revoke many certificates at once
2022-08-09 15:48:20 +02:00
Jérémy Dubois
5f792272c6
update CHANGELOG file
2022-07-13 11:20:01 +02:00
Brice Waegeneire
f58712f2b3
create index.txt.attr file
2022-07-11 11:09:37 +02:00
Jérémy Dubois
754c3455e0
Release 22.04
2022-04-14 17:20:04 +02:00
Jérémy Dubois
d614079138
Update CHANGELOG
2022-04-14 17:15:20 +02:00
Jérémy Dubois
7a034a2a17
Some files must be copied to ansible-roles/openvpn
2022-04-14 16:47:33 +02:00
Jérémy Dubois
42de07cb66
Add version to files that will be copied out of this repo so that we easily know if they will need an update
2022-04-14 16:21:38 +02:00
Jérémy Dubois
992fde0930
Precising that the --end-date hour is in UTC +0
2022-04-14 15:53:59 +02:00
Jérémy Dubois
6165ccec6c
Generate CRL only if (re)generating CA
2022-04-14 15:51:07 +02:00
Jérémy Dubois
55e02c6a13
Check if CN already exists only after having asked for user password
...
Otherwise, with "-p", "--replace-existing" and "--non-interactive", with
CA_PASSWORD set but PASSWORD unset, the existing certificate was revoked but
the new one could'nt be created. Now, PASSWORD must be set or the exisiting
certificate won't be revoked
2022-04-14 15:18:57 +02:00
Jérémy Dubois
ba2f553ef4
Do not use --password and --password-file together
2022-04-14 15:01:09 +02:00
Mathieu Trossevin
38aac7b137
Use genpkey and pkey instead of genrsa and rsa
...
genrsa and rsa are being deprecated by OpenSSL and both genpkey and pkey
provides the same functionalities as genrsa and rsa will being more
configurable.
2022-04-06 11:40:17 +02:00
Jérémy Dubois
97f1affa1b
Create crl file after init of PKI
2022-04-04 18:13:37 +02:00
Jérémy Dubois
14a65fa42d
Change SUFFIX to use human readable date instead of epoch
2022-04-04 17:55:37 +02:00
Jérémy Dubois
c76b7a02ca
Split show_usage for each subcommand, add --version and --help in addition to version and help, update VERSION
2022-04-04 17:37:20 +02:00
Jérémy Dubois
1fa4ff205e
Parse date in ISO format rather than US format
2022-04-04 17:01:19 +02:00
Jérémy Dubois
554f6166c9
Forget to delete a debug line
2022-03-29 18:59:09 +02:00
Jérémy Dubois
85c3324713
Update Copyright
2022-03-29 18:48:45 +02:00
Jérémy Dubois
9f13a42355
Handle the case where --days argument is not a number or a negative one
...
Before this test, the error was displayed but ignored and the certificate was
still created depending on the default_days value in openssl.cnf
2022-03-29 18:42:28 +02:00
Jérémy Dubois
abf6fb131c
Do not use --end-date and --days together
2022-03-29 18:20:16 +02:00
Jérémy Dubois
191ba257d9
Fix parsing options when no option is given
2022-03-29 18:19:33 +02:00
Jérémy Dubois
e42af2183c
Fix --non-interactive behavior: there were still some prompts to the user
2022-03-29 18:18:01 +02:00
Jérémy Dubois
a640892ecb
Syntax: no space before ":"
2022-03-29 18:17:03 +02:00
Jérémy Dubois
6d71a5a177
Fix end-date format depending on system
2022-03-29 18:15:57 +02:00
Jérémy Dubois
047c6e334a
Improve README and show_usage
2022-03-29 18:10:47 +02:00
Jérémy Dubois
5f27702f17
Delete ovpn.conf.example unnecessary here
...
shellpki alone is not enough to install OpenVPN, and the openvpn role provides
the openvpn server configuration
2022-03-29 18:01:23 +02:00
Jérémy Dubois
50fc8c2d21
README file : delete unnecessary leading spaces
2022-03-22 18:11:17 +01:00
Jérémy Dubois
d0c6a55538
README file and show_usage function : replace "cert" with "certificate"
2022-03-22 18:08:57 +01:00
Jérémy Dubois
da7809f3c0
Update README file and show_usage function : forgotten information
2022-03-22 18:04:03 +01:00
Jérémy Dubois
4a2e5c93f1
Update README file and show_usage function
2022-03-22 18:01:22 +01:00
Jérémy Lecour
d48dc132be
fix replace-existing and non-interactive confict
2022-03-14 14:40:50 +01:00
Jérémy Dubois
69db5a80aa
More conventional "list" parsing
2022-03-14 11:03:36 +01:00
Jérémy Dubois
c92f7a5a7e
Change ovpn example file to match the openvpn ansible role and wiki
2022-03-14 10:55:28 +01:00
Jérémy Dubois
af24b1469d
Add nobind option to client config
2022-03-14 10:55:06 +01:00
Jérémy Lecour
e8ced03988
add .ovpn example
2022-03-11 14:12:27 +01:00
Jérémy Lecour
4bb24707b0
simplify "list" options parsing
2022-03-11 14:10:53 +01:00