download and install - TinCanTech/easy-tls GitHub Wiki

This page describes the various way to install Easy-TLS.

Pre-requisites:

• OpenVPN version 2.5+
• Easy-RSA version 3.0.5+
• OpenSSL version 1.1.0+

Windows notes:

• If you are using Windows then you must install Openvpn and Easy-RSA using the official Openvpn-Installer.
• You must install Easy-TLS into your Easy-RSA working directory. Default: C:\Program Files\Openvpn\easy-rsa

Client

Download: easytls to a new folder or Easy-RSA folder. This is the only file that a Client can use. (Generally, clients do not require any Easy-TLS files) All TLS-keys are produced by the Server. A Client can use Easy-TLS to create a self-signed certificate/key pair.

Server

Download: easytls to your easyrsa3 working directory.

For full support, you will also need these scripts for use by your OpenVPN Server:

• easytls-cryptv2-verify.sh (1) - Can be used stand-alone Used by Openvpn-Server to enforce TLS-Crypt-V2 metadata access policy rules.

• easytls-client-connect.sh (2) - Requires script (1)(3) Used by Openvpn-Server to enforce TLS-Key-type and address-filter access policy rules.

• easytls-client-disconnect.sh (3) - Requires script (1)(2) This Disconnect script is required by the Connect script.

• Optional - easytls-conntrac.lib - Requires script (1)(2)(3) Connection tracking plug-in, required for optional connection tracking.