--- a/easy-rsa/2.0/build-ca
+++ b/easy-rsa/2.0/build-ca
-@@ -1,8 +1,8 @@
--#!/bin/bash
-+#!/bin/sh
-
- #
- # Build a root certificate
+@@ -5,4 +5,4 @@
#
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --initca $*
--- a/easy-rsa/2.0/build-dh
+++ b/easy-rsa/2.0/build-dh
-@@ -1,4 +1,6 @@
--#!/bin/bash
-+#!/bin/sh
-+
-+. /etc/easy-rsa/vars
+@@ -1,5 +1,7 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
++
# Build Diffie-Hellman parameters for the server side
# of an SSL/TLS connection.
+
--- a/easy-rsa/2.0/build-inter
+++ b/easy-rsa/2.0/build-inter
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Make an intermediate CA certificate/private key pair using a locally generated
+@@ -4,4 +4,4 @@
# root certificate.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --inter $*
--- a/easy-rsa/2.0/build-key
+++ b/easy-rsa/2.0/build-key
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Make a certificate/private key pair using a locally generated
+@@ -4,4 +4,4 @@
# root certificate.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact $*
--- a/easy-rsa/2.0/build-key-pass
+++ b/easy-rsa/2.0/build-key-pass
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Similar to build-key, but protect the private key
+@@ -4,4 +4,4 @@
# with a password.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --pass $*
--- a/easy-rsa/2.0/build-key-pkcs12
+++ b/easy-rsa/2.0/build-key-pkcs12
-@@ -1,8 +1,8 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Make a certificate/private key pair using a locally generated
- # root certificate and convert it to a PKCS #12 file including the
+@@ -5,4 +5,4 @@
# the CA certificate as well.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --pkcs12 $*
--- a/easy-rsa/2.0/build-key-server
+++ b/easy-rsa/2.0/build-key-server
-@@ -1,4 +1,4 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Make a certificate/private key pair using a locally generated
- # root certificate.
@@ -7,4 +7,4 @@
# extension in the openssl.cnf file.
+"/usr/sbin/pkitool" --interact --server $*
--- a/easy-rsa/2.0/build-req
+++ b/easy-rsa/2.0/build-req
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Build a certificate signing request and private key. Use this
+@@ -4,4 +4,4 @@
# when your root certificate and key is not available locally.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --csr $*
--- a/easy-rsa/2.0/build-req-pass
+++ b/easy-rsa/2.0/build-req-pass
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Like build-req, but protect your private key
+@@ -4,4 +4,4 @@
# with a password.
export EASY_RSA="${EASY_RSA:-.}"
+"/usr/sbin/pkitool" --interact --csr --pass $*
--- a/easy-rsa/2.0/clean-all
+++ b/easy-rsa/2.0/clean-all
-@@ -1,4 +1,6 @@
--#!/bin/bash
-+#!/bin/sh
-+
-+. /etc/easy-rsa/vars
+@@ -1,5 +1,7 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
++
# Initialize the $KEY_DIR directory.
# Note that this script does a
+ # rm -rf on $KEY_DIR so be careful!
--- a/easy-rsa/2.0/inherit-inter
+++ b/easy-rsa/2.0/inherit-inter
-@@ -1,4 +1,6 @@
--#!/bin/bash
-+#!/bin/sh
-+
-+. /etc/easy-rsa/vars
+@@ -1,5 +1,7 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
++
# Build a new PKI which is rooted on an intermediate certificate generated
# by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
+ # have independent vars settings, and must use a different KEY_DIR directory
--- a/easy-rsa/2.0/list-crl
+++ b/easy-rsa/2.0/list-crl
-@@ -1,4 +1,6 @@
--#!/bin/bash
-+#!/bin/sh
-+
-+. /etc/easy-rsa/vars
+@@ -1,5 +1,7 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
++
# list revoked certificates
+ CRL="${1:-crl.pem}"
--- a/easy-rsa/2.0/pkitool
+++ b/easy-rsa/2.0/pkitool
@@ -1,5 +1,7 @@
# session authentication and key exchange,
--- a/easy-rsa/2.0/revoke-full
+++ b/easy-rsa/2.0/revoke-full
-@@ -1,4 +1,6 @@
--#!/bin/bash
-+#!/bin/sh
-+
-+. /etc/easy-rsa/vars
+@@ -1,5 +1,7 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
++
# revoke a certificate, regenerate CRL,
# and verify revocation
+
--- a/easy-rsa/2.0/sign-req
+++ b/easy-rsa/2.0/sign-req
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
-
- # Sign a certificate signing request (a .csr file)
+@@ -4,4 +4,4 @@
# with a local root certificate and key.
export EASY_RSA="${EASY_RSA:-.}"