diff options
| -rw-r--r-- | Changelog | 2 | ||||
| -rw-r--r-- | config/lacme-accountd.conf | 4 | ||||
| -rw-r--r-- | lacme-accountd.1.md | 11 | 
3 files changed, 9 insertions, 8 deletions
| @@ -5,6 +5,8 @@ lacme (0.7.1) upstream;   - documentation: suggest to generate private key material with     genpkey(1ssl); also suggest a command to generate an ECDSA key not     just RSA; hint at which key algorithms are supported. + - documentation: clarify that "file:/path/to/account.key" can point to +   a symmetrically-encrypted private key.   -- Guilhem Moulin <guilhem@fripost.org>  Wed, 09 Dec 2020 18:23:22 +0100 diff --git a/config/lacme-accountd.conf b/config/lacme-accountd.conf index 94d2556..7248eb5 100644 --- a/config/lacme-accountd.conf +++ b/config/lacme-accountd.conf @@ -1,8 +1,8 @@  # The value of "privkey" specifies the (private) account key to use  # for signing requests.  Currently supported values are:  # -#   - file:FILE, to specify an encrypted private key (in PEM format) -#   - gpg:FILE, to specify a gpg-encrypted private key (in PEM format) +#   - file:FILE, for a private key in PEM format (optionally encrypted) +#   - gpg:FILE, for a gpg-encrypted private key  #  #privkey = gpg:/path/to/encrypted/account.key.gpg  #privkey = file:/path/to/account.key diff --git a/lacme-accountd.1.md b/lacme-accountd.1.md index 359a6d1..560cfac 100644 --- a/lacme-accountd.1.md +++ b/lacme-accountd.1.md @@ -45,15 +45,14 @@ Options      file](#configuration-file)** section below for the configuration      options. -`--privkey=`*arg* +`--privkey=`*value*  :   Specify the (private) account key to use for signing requests. -    Currently supported *arg*uments are: +    Currently supported *value*s are: -    * `file:`*FILE*, to specify an encrypted private key (in PEM -      format); and -    * `gpg:`*FILE*, to specify a [`gpg`(1)]-encrypted private key (in -      PEM format). +    * `file:`*FILE*, for a private key in PEM format (optionally +      symmetrically encrypted) +    * `gpg:`*FILE*, for a [`gpg`(1)]-encrypted private key      The [`genpkey`(1ssl)] command can be used to generate a new private      (account) key: | 
