1 --- a/easy-rsa/2.0/build-ca
2 +++ b/easy-rsa/2.0/build-ca
8 # Build a root certificate
11 export EASY_RSA="${EASY_RSA:-.}"
12 -"$EASY_RSA/pkitool" --interact --initca $*
13 +"/usr/sbin/pkitool" --interact --initca $*
14 --- a/easy-rsa/2.0/build-dh
15 +++ b/easy-rsa/2.0/build-dh
22 # Build Diffie-Hellman parameters for the server side
23 # of an SSL/TLS connection.
24 --- a/easy-rsa/2.0/build-inter
25 +++ b/easy-rsa/2.0/build-inter
30 # Make an intermediate CA certificate/private key pair using a locally generated
33 export EASY_RSA="${EASY_RSA:-.}"
34 -"$EASY_RSA/pkitool" --interact --inter $*
35 +"/usr/sbin/pkitool" --interact --inter $*
36 --- a/easy-rsa/2.0/build-key
37 +++ b/easy-rsa/2.0/build-key
42 # Make a certificate/private key pair using a locally generated
45 export EASY_RSA="${EASY_RSA:-.}"
46 -"$EASY_RSA/pkitool" --interact $*
47 +"/usr/sbin/pkitool" --interact $*
48 --- a/easy-rsa/2.0/build-key-pass
49 +++ b/easy-rsa/2.0/build-key-pass
54 # Similar to build-key, but protect the private key
57 export EASY_RSA="${EASY_RSA:-.}"
58 -"$EASY_RSA/pkitool" --interact --pass $*
59 +"/usr/sbin/pkitool" --interact --pass $*
60 --- a/easy-rsa/2.0/build-key-pkcs12
61 +++ b/easy-rsa/2.0/build-key-pkcs12
66 # Make a certificate/private key pair using a locally generated
67 # root certificate and convert it to a PKCS #12 file including the
68 # the CA certificate as well.
70 export EASY_RSA="${EASY_RSA:-.}"
71 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
72 +"/usr/sbin/pkitool" --interact --pkcs12 $*
73 --- a/easy-rsa/2.0/build-key-server
74 +++ b/easy-rsa/2.0/build-key-server
79 # Make a certificate/private key pair using a locally generated
82 # extension in the openssl.cnf file.
84 export EASY_RSA="${EASY_RSA:-.}"
85 -"$EASY_RSA/pkitool" --interact --server $*
86 +"/usr/sbin/pkitool" --interact --server $*
87 --- a/easy-rsa/2.0/build-req
88 +++ b/easy-rsa/2.0/build-req
93 # Build a certificate signing request and private key. Use this
94 # when your root certificate and key is not available locally.
96 export EASY_RSA="${EASY_RSA:-.}"
97 -"$EASY_RSA/pkitool" --interact --csr $*
98 +"/usr/sbin/pkitool" --interact --csr $*
99 --- a/easy-rsa/2.0/build-req-pass
100 +++ b/easy-rsa/2.0/build-req-pass
105 # Like build-req, but protect your private key
108 export EASY_RSA="${EASY_RSA:-.}"
109 -"$EASY_RSA/pkitool" --interact --csr --pass $*
110 +"/usr/sbin/pkitool" --interact --csr --pass $*
111 --- a/easy-rsa/2.0/clean-all
112 +++ b/easy-rsa/2.0/clean-all
117 +. /etc/easy-rsa/vars
119 # Initialize the $KEY_DIR directory.
120 # Note that this script does a
121 --- a/easy-rsa/2.0/inherit-inter
122 +++ b/easy-rsa/2.0/inherit-inter
127 +. /etc/easy-rsa/vars
129 # Build a new PKI which is rooted on an intermediate certificate generated
130 # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
131 --- a/easy-rsa/2.0/list-crl
132 +++ b/easy-rsa/2.0/list-crl
137 +. /etc/easy-rsa/vars
139 # list revoked certificates
141 --- a/easy-rsa/2.0/pkitool
142 +++ b/easy-rsa/2.0/pkitool
146 +. /etc/easy-rsa/vars
148 # OpenVPN -- An application to securely tunnel IP networks
149 # over a single TCP/UDP port, with support for SSL/TLS-based
150 # session authentication and key exchange,
151 --- a/easy-rsa/2.0/revoke-full
152 +++ b/easy-rsa/2.0/revoke-full
157 +. /etc/easy-rsa/vars
159 # revoke a certificate, regenerate CRL,
160 # and verify revocation
161 --- a/easy-rsa/2.0/sign-req
162 +++ b/easy-rsa/2.0/sign-req
167 # Sign a certificate signing request (a .csr file)
168 # with a local root certificate and key.
170 export EASY_RSA="${EASY_RSA:-.}"
171 -"$EASY_RSA/pkitool" --interact --sign $*
172 +"/usr/sbin/pkitool" --interact --sign $*
173 --- a/easy-rsa/2.0/vars
174 +++ b/easy-rsa/2.0/vars
176 # This variable should point to
177 # the top level of the easy-rsa
179 -export EASY_RSA="`pwd`"
180 +export EASY_RSA="/etc/easy-rsa"
183 # This variable should point to
184 @@ -26,7 +26,7 @@ export GREP="grep"
185 # This variable should point to
186 # the openssl.cnf file included
188 -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
189 +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
191 # Edit this variable to point to
192 # your soon-to-be-created key