Closed TinCanTech closed 2 years ago
I started this:
#!/bin/sh
auto_mode="$1"
case "$auto_mode" in
ca)
print "
Used in Normal mode, this auto-build menu will do the following:
----------------------------------------------------------------
* Create 1 TLS-Crypt-V2 Server key, for all servers (Group Server key).
* Create 1 Inline file for each X509 Server certificate in the PKI.
If there are two Server certificates, each will have an Inline file.
All Server Inline files will use the same TLS-Crypt-V2 Server key.
* Create 1 TLS-Crypt-V2 Client key, for all clients (Group Client key).
* Create 1 Inline file for each X509 Client certificate in the PKI.
If there are four Client certificates, each will have an Inline file.
All Client Inline files will use the same TLS-Crypt-V2 Group Client key.
* These Inline files are all ready to be distributed and used, as is.
* NOTE: This script does NOT build your Easy-RSA PKI"
;;
ss)
print "
Used in NO-CA mode, this auto-build menu will do the following:
---------------------------------------------------------------
* Create 1 self-signed Server X509 certificate and key.
* Create 1 TLS-Crypt-V2 Server key.
* Create 1 Inline Server file for the Server above.
* Create 1 self-signed Client X509 certificate and key.
* Create 1 TLS-Crypt-V2 Group Client key.
* Create 1 Inline Client file for the Client above.
* Share certificate finger-prints for No-CA mode.
* These Inline files are all ready to be distributed and used, as is.
* NOTE: This script does NOT build your Easy-RSA PKI"
;;
*)
Die "Unsupported parameter: $1"
esac
But I am not going to finish it. The interactive menus are adequate.
Something like
./easytls magic
and build keys and inlines for basic PKIs.