27 lines
401 B
Bash
Executable File
27 lines
401 B
Bash
Executable File
#!/bin/bash
|
|
|
|
#
|
|
# Initialize the EasyRSA PKI
|
|
#
|
|
|
|
if [ "$DEBUG" == "1" ]; then
|
|
set -x
|
|
else
|
|
exec 2> /dev/null
|
|
fi
|
|
|
|
set -e
|
|
|
|
# Provides a sufficient warning before erasing pre-existing files
|
|
easyrsa init-pki
|
|
|
|
# we rely on external KMS
|
|
echo "BastionOpenVPNRootCA" | easyrsa build-ca nopass
|
|
|
|
easyrsa gen-dh
|
|
openvpn --genkey secret $EASYRSA_PKI/ta.key
|
|
|
|
easyrsa gen-crl
|
|
|
|
echo "Successfully bootstrapped PKI"
|