NOTE: easy-rsa will require you to initialize a pki ONLY UPON FIRST USE.
The packaging itself no longer does this because that would confuse easy-rsa,
and easy-rsa expects the vars not to be per-installation, but per-PKI.

ONLY for the very first run for a new PKI, do something such as:

  easyrsa --pki-dir=~/my_new_pki init-pki # DANGEROUS - DESTROYS ~/my_new_pki
  which will copy vars.example both into ~/my_new_pki
  and create another copy named ~/my/new_pki/vars for you to edit for this PKI.

  Then, edit ~/my/new_pki/vars to set the defaults.

After upgrades, use other commands, explained by running: easyrsa help.
to explain options such as --pki-dir (see above), run: easyrsa help options