Warning about moving `vars` to the PKI

[TinCanTech]

If you see this warning about your vars file:

IMPORTANT:
  The preferred location for 'vars' is within the PKI folder.
  To silence this message move your 'vars' file to your PKI
  or declare your 'vars' file with option: --vars=<FILE>

Ignore this message, it will be removed in the next release.

Edit:

• Due to changes made in #1025, it is now safe to keep your vars file in your PKI directory. This is now recommended.

~Please, do NOT put your vars file into your PKI.~

---

The problem is due to setting EASYRSA or EASYRSA_PKI in the vars file.

First, establish if your vars file is Global or Local:

Global:

• The vars file is NOT in the PKI.
• EASYRSA and EASYRSA_PKI MUST NOT be set in the vars file. Otherwise, you have locked your vars file to a single PKI, which means it is not global.

Local:

• The vars file is in the PKI.
• EASYRSA and EASYRSA_PKI MUST NOT be set in the vars file. These settings are not compatible with a vars file in the PKI.

~## Do NOT move your vars file to your PKI.~

Note: Setting EASYRSA and EASYRSA_PKI in the vars file is NOT recommended. However, if you do set these variables in vars then it is still supported.

[TinCanTech]

EasyRSA vars file is expected to be in the parent of the PKI.

Changing that in version 3.1.x has proven to be too intrusive.

Note: EasyRSA has not made any changes to force vars in the PKI, it has only added a warning to encourage that use. That warning will be disabled for v3.1.7+.

1008

1014

[TinCanTech]

Follow-up: #1027