Easy-RSA (EN)

Easy-RSA

Easy-RSA is a command-line tool for managing PKI (Public Key Infrastructure) that simplifies certificate creation and management. It was specifically developed for use with OpenVPN and provides an easy way to create certificate authorities, server certificates, and client certificates. With Easy-RSA, administrators can configure certificates with various options such as passwords or expiration dates. The tool automates complex OpenSSL commands and makes certificate management accessible to less experienced users.

Certificate Lifecycle with Easy-RSA

stateDiagram-v2     [*] --> Initialisierung     Initialisierung --> CA_Erstellung: easyrsa init-pki     CA_Erstellung --> CA_Build: easyrsa build-ca     CA_Build --> Server_Zertifikat: easyrsa gen-req server     Server_Zertifikat --> Server_Sign: easyrsa sign-req server server     Server_Sign --> Client_Zertifikat: easyrsa gen-req client     Client_Zertifikat --> Client_Sign: easyrsa sign-req client client     Client_Sign --> Einsatz     Einsatz --> Ablauf: Zeitbasiert     Ablauf --> Verlängerung: easyrsa renew     Verlängerung --> Einsatz     Einsatz --> Widerruf: easyrsa revoke     Widerruf --> Archiv     Archiv --> [*] 

In Context

• Typically used together with OpenVPN, WireGuard, or other VPN solutions
• Related to: PKI, X.509, OpenSSL