I got the latest version (3.0.1) of the easy-rsa tool from Github in order to generate some certificates for a small VPN. After looking into the documentation I manage to write a vars file that include answers to most questions made by the tool including setting the Common Name:
set_var EASYRSA_REQ_CN "vpn.machine.dev"
Every other option os correctly loaded / takes the value I set on vars by the easy-rsa tool however EASYRSA_REQ_CN seems to be ignored. Here is an example:
Organizational Unit Name (eg, section) [IT]:
Common Name (eg: your user, host, or server name) [Easy-RSA CA]:
Email Address [[email protected]]:
Why isn't Common Name using the value I set and is defaulting to [Easy-RSA CA]? What did I miss?
Thank you!
I just had a quick look at
easy-rsasource code I found this:Apparently it will just ignore
EASYRSA_REQ_CNwhen not running in batch mode (EASYRSA_BATCH). This must be some by-design decision that goes out of my understanding of the tool.For anyone facing the same issue, adding the following to your
varswill fix this:WARNING: when running in batch mode the tool won't ask for ANY user input and might destroy previous information / generate errors. Test your config before using this mode.
I assume that you want to generate a certificate request. I'm using EasyRSA 3.0.6 this way: