diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 19:36:06 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 19:38:34 +0100 |
| commit | e8980fb172221cbffd7fa672d65da0a806524e72 (patch) | |
| tree | f8e909167c214155b23d419ab28e88f88d90bb9f | |
| parent | f4b7c7b6130722535cb87c123d11ba554e7806c7 (diff) | |
documentation: clarify that "file:/path/to/account.key" can point to a symmetrically-encrypted private key.
| -rw-r--r-- | Changelog | 2 | ||||
| -rw-r--r-- | config/lacme-accountd.conf | 4 | ||||
| -rw-r--r-- | lacme-accountd.1.md | 11 |
3 files changed, 9 insertions, 8 deletions
@@ -5,6 +5,8 @@ lacme (0.7.1) upstream; - documentation: suggest to generate private key material with genpkey(1ssl); also suggest a command to generate an ECDSA key not just RSA; hint at which key algorithms are supported. + - documentation: clarify that "file:/path/to/account.key" can point to + a symmetrically-encrypted private key. -- Guilhem Moulin <guilhem@fripost.org> Wed, 09 Dec 2020 18:23:22 +0100 diff --git a/config/lacme-accountd.conf b/config/lacme-accountd.conf index 94d2556..7248eb5 100644 --- a/config/lacme-accountd.conf +++ b/config/lacme-accountd.conf @@ -1,8 +1,8 @@ # The value of "privkey" specifies the (private) account key to use # for signing requests. Currently supported values are: # -# - file:FILE, to specify an encrypted private key (in PEM format) -# - gpg:FILE, to specify a gpg-encrypted private key (in PEM format) +# - file:FILE, for a private key in PEM format (optionally encrypted) +# - gpg:FILE, for a gpg-encrypted private key # #privkey = gpg:/path/to/encrypted/account.key.gpg #privkey = file:/path/to/account.key diff --git a/lacme-accountd.1.md b/lacme-accountd.1.md index 359a6d1..560cfac 100644 --- a/lacme-accountd.1.md +++ b/lacme-accountd.1.md @@ -45,15 +45,14 @@ Options file](#configuration-file)** section below for the configuration options. -`--privkey=`*arg* +`--privkey=`*value* : Specify the (private) account key to use for signing requests. - Currently supported *arg*uments are: + Currently supported *value*s are: - * `file:`*FILE*, to specify an encrypted private key (in PEM - format); and - * `gpg:`*FILE*, to specify a [`gpg`(1)]-encrypted private key (in - PEM format). + * `file:`*FILE*, for a private key in PEM format (optionally + symmetrically encrypted) + * `gpg:`*FILE*, for a [`gpg`(1)]-encrypted private key The [`genpkey`(1ssl)] command can be used to generate a new private (account) key: |