v3.0.0

This is the official Easy-RSA 3.0 release. The changes between rc2 and this release are relatively minor. The notable changes are:

• -utf8 is now the default. This shouldn't break ASCII but will now support international character strings.
• The private keys are now encrypted with aes256 by default, replacing the former default, 3des

v3.0.0-rc2

rc2 is the second pre-release in the 3.0 series. A number of fixes have been made; see the ChangeLog for full detials.

Open issues preventing a production-ready release are noted in the KNOWN_ISSUES file.

Notable fixes since 3.0.0-rc1 include:

• Fixed support for OpenSSL 0.9.8
• PKCS#7 support
• Support to change private key passphrases
• Other assorted fixes and doc updates

v3.0.0-rc1

This is the first release in the 3.x series. This "rc1" release is a release candidate; provided there are no notable issues to be fixed, this release is slated to become the official 3.0.0 release. If changes are deemed necessary they will be made, possibly with further rc-releases.

The following Feature Highlights are taken from the EasyRSA-Readme document:

• Easy-RSA is able to manage multiple PKIs, each with their own independent
  configuration, storage directory, and X.509 extension handling.
• Multiple Subject Name (X.509 DN field) formatting options are supported. For
  VPNs, this means a cleaner commonName only setup can be used.
• A single backend is used across all supported platforms, ensuring that no
  platform is 'left out' of the rich features. Unix-alikes (BSD, Linux, etc)
  and Windows are all supported.
• Easy-RSA's X.509 support includes CRL, CDP, keyUsage/eKu attributes, and
  additional features. The included support can be changed or extended as an
  advanced feature.
• Interactive and automated (batch) modes of operation
• Flexible configuration: features can be enabled through command-line
  options, environment variables, a config file, or a combination of these.
• Built-in defaults allow Easy-RSA to be used without first editing a config
  file.

2.2.2

Repackage with a minor CA commit. NOTE: 2.2.1 was released as empty zip files. No use with that!

*** The 2.2.2 original windows builds have been removed as they were missing the openssl configuration files. A new 2.2.2-1 windows build has been published below. ***

This is primarily a maintenance release in preparation of a 2.x branch and the introduction of a 3.x codebase. In addition, there are now two distinct release files, one bundles for Windows and the other bundled for *nix OSes.

• Change key size from 1024 to 2048 bits
• code styling changes (whitespace/tabbing,heredocs)
• minor changes to the Makefile