diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-06-13 23:14:00 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-06-13 23:14:00 +0200 |
| commit | 08d9f95505bb11c3d1b6a8c649362ede7dab4138 (patch) | |
| tree | acc9aa7f86e28d61a0c3f26e30f8a07848f668a5 /config/lacme-certs.conf | |
| parent | d038f67d1e075010d36272595ea845e2f57e55ac (diff) | |
Rename ‘letsencrypt-tiny’ to ‘lacme’.
Diffstat (limited to 'config/lacme-certs.conf')
| -rw-r--r-- | config/lacme-certs.conf | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/config/lacme-certs.conf b/config/lacme-certs.conf new file mode 100644 index 0000000..fbce5e2 --- /dev/null +++ b/config/lacme-certs.conf @@ -0,0 +1,56 @@ +# Each non-default section denotes a separate certificate issuance. +# Options in the default section apply to each sections. + +# Message digest to sign the Certificate Signing Request with. +#hash = sha512 + +# Comma-separated list of Key Usages, see x509v3_config(5ssl). +#keyUsage = digitalSignature, keyEncipherment + +#[www] + +# Where to store the issued certificate (in PEM format). +#certificate = /etc/nginx/ssl/srv.pem + +# Where to store the issued certificate, concatenated with the content +# of the file specified specified with the CAfile option (in PEM format). +#certificate-chain = /etc/nginx/ssl/srv.chain.pem + +# Path the service's private key. This option is required. +#certificate-key = /etc/nginx/ssl/srv.key + +# For an existing certificate, the minimum number of days before its +# expiration date the section is considered for re-issuance. +#min-days = 10 + +# Path to the issuer's certificate. This is used for certificate-chain +# and to verify the validity of each issued certificate. Specifying an +# empty value skip certificate validation. +#CAfile = /usr/share/lacme/lets-encrypt-x3-cross-signed.pem + +# Subject field of the Certificate Signing Request. This option is +# required. +#subject = /CN=example.org + +# Comma-separated list of Subject Alternative Names. +#subjectAltName = DNS:example.org,DNS:www.example.org + +# username[:groupname] to chown the issued certificate and +# certificate-chain with. +#chown = root:root + +# octal mode to chmod the issued certificate and certificate-chain with. +#chmod = 0644 + +# Command to pass the the system's command shell ("/bin/sh -c") after +# successful installation of the certificate and/or certificate-chain. +#notify = /bin/systemctl reload nginx + + +#[smtp] +#certificate-key = /etc/postfix/ssl/srv.key +#certificate-chain = /etc/postfix/ssl/srv.pem +#subject = /CN=smtp.example.org +#notify = /bin/systemctl reload postfix + +; vim:ft=dosini |