Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tincantech/easy-tls
Manage and Inline OpenVPN TLS keys and Easy-RSA PKI credentials. Supports OpenVPN TLS-Crypt-V2 key system and OpenVPN Peer-Fingerprint mode.
https://github.com/tincantech/easy-tls
automation certificates cryptography easyrsa inline keys openvpn openvpn-peer-fingerprint openvpn-tls-crypt-v2 shell-script tls vpn x509
Last synced: 5 days ago
JSON representation
Manage and Inline OpenVPN TLS keys and Easy-RSA PKI credentials. Supports OpenVPN TLS-Crypt-V2 key system and OpenVPN Peer-Fingerprint mode.
- Host: GitHub
- URL: https://github.com/tincantech/easy-tls
- Owner: TinCanTech
- License: gpl-2.0
- Created: 2020-03-14T16:24:11.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2024-07-20T13:15:56.000Z (5 months ago)
- Last Synced: 2024-12-16T08:15:48.306Z (13 days ago)
- Topics: automation, certificates, cryptography, easyrsa, inline, keys, openvpn, openvpn-peer-fingerprint, openvpn-tls-crypt-v2, shell-script, tls, vpn, x509
- Language: Shell
- Homepage:
- Size: 5.95 MB
- Stars: 90
- Watchers: 11
- Forks: 20
- Open Issues: 34
-
Metadata Files:
- Readme: .github/README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
[![CI](https://github.com/TinCanTech/easy-tls/actions/workflows/blank.yml/badge.svg)](https://github.com/TinCanTech/easy-tls/actions/workflows/blank.yml)
# Easy-TLSFrom that list above, the only file which you need is: [**`easytls`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls)
## Standard Features
Easy-TLS is an Easy-RSA extension utility to help manage:
+ Easy-RSA based x509 security credentials
+ OpenVPN specific TLS keys
+ Verified **`Inline`** files for use with OpenVPN
+ Concise OpenVPN TLS-Crypt-V2 Client Key Metadata definition
+ X509 Certificate **and matched** Easy-TLS Inline-file Expiry management tools
+ Substantial **Inter-active Menus**## Additional Features
Easy-TLS also supports No-CA mode, which does not require an Easy-RSA CA:
+ Use Easy-TLS to build **self-signed** X509 Certificates and keys.### Installation
Download: [**`easytls`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls) to your `easyrsa3` working directory.For full support, you will also need these scripts for use by your OpenVPN Server:
+ [**`easytls-cryptv2-verify.sh (1)`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls-cryptv2-verify.sh) - **Can be used stand-alone**
Used by Openvpn-Server to enforce TLS-Crypt-V2 `metadata` access policy rules.+ [**`easytls-client-connect.sh (2)`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls-client-connect.sh) - **Requires script `(1)(3)`**
Used by Openvpn-Server to enforce `TLS-Key-type` and `address-filter` access policy rules.+ [**`easytls-client-disconnect.sh (3)`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls-client-disconnect.sh) - **Requires script `(1)(2)`**
This Disconnect script is **required by** the Connect script.+ Optional - [**`easytls-conntrac.lib`**](https://github.com/TinCanTech/easy-tls/blob/master/easytls-conntrac.lib) - **Requires script `(1)(2)(3)`**
Connection tracking plug-in, required for optional connection tracking.### Environment
**`easytls`** is intended to work **everywhere** that **`openvpn`** and **`easyrsa`** work.### Requirements
+ Easy-RSA Version 3.0.6+
+ OpenVPN Version 2.5.0+### Support
Please use the issues section here on github.
For live support you can use IRC channel: **libera.chat/#easytls**
Wiki: https://github.com/TinCanTech/easy-tls/wiki
Howto: https://github.com/TinCanTech/easy-tls/blob/master/EasyTLS-Howto-ii.md## Acknowledgements
Easy-TLS is *written in the style of* and *borrows heavily from* Easy-RSA
See: https://github.com/OpenVPN/easy-rsa
**Note:**
This is intended to facilitate maximum compatibility with Easy-RSA while extending functionality
to include direct support for OpenVPN specific TLS keys and Inline credentials.### Easy-TLS is inspired by **syzzer**
See: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txtI hope that you find Easy-TLS to be a useful tool.