Menu
▾
▴
[Openvpn-users] easyrsa build-ca does not use my var file
|
From: Bruce B. <bru...@gm...> - 2025-02-04 06:23:22
|
Hello everyone,
Environment: Debian 11.11
easyrsa version 3.0.8
Issue:
I’m trying to initialise and build my intermediate CA
easyrsa build-ca does not use my modified variables when it creates my new CA.
My custom variables are in the file “vars" in my ~/easy-rsa directory
The vars file is a copy of the file “vars.example"
in vars, I have modified the following variables:
set_var EASYRSA “~/easy-rsa/"
set_var EASYRSA_KEY_SIZE 4096
set_var EASYRSA_DIGEST "sha512"
The file permissions assign to the file ~/easy-rsa/vars are u=rw,go=, where the file owner is the owner of ~/
I’ve also tried an ownership definition of u=rw,go=r, but this makes no difference.
When I run the commands:
./easyrsa init-pki
./easyrsa build-ca
and then check the created certificate with: openssl x509 -noout -text -in ~/easy-rsa/pki/ca.crt
I find:
Signature Algorithm: sha256WithRSAEncryption
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
This is not what I had defined in ~/esay-rsa/vars.
Any pointers on how to get this working will be appreciated.
Kind regards,
Bruce
|
