aboutsummaryrefslogtreecommitdiffstats
path: root/lacme.8.md
diff options
context:
space:
mode:
Diffstat (limited to 'lacme.8.md')
-rw-r--r--lacme.8.md26
1 files changed, 13 insertions, 13 deletions
diff --git a/lacme.8.md b/lacme.8.md
index 6218d36..4dfc67e 100644
--- a/lacme.8.md
+++ b/lacme.8.md
@@ -37,9 +37,9 @@ with its own executable:
For certificate issuances (`newOrder` command), it also generates
Certificate Signing Requests, then verifies the validity of the
issued certificate, and optionally reloads or restarts services when
- the *notify* option is set.
+ the *notify* setting is set.
- 3. An actual [ACME] client (specified with the *command* option of the
+ 3. An actual [ACME] client (specified with the *command* setting of the
[`[client]` section](#client-section) of the configuration file),
which builds [ACME] commands and dialogues with the remote [ACME]
server.
@@ -49,7 +49,7 @@ with its own executable:
requested by writing the data to be signed to the socket.
4. For certificate issuances (`newOrder` command), an optional
- webserver (specified with the *command* option of the [`[webserver]`
+ webserver (specified with the *command* setting of the [`[webserver]`
section](#webserver-section) of the configuration file), which is
spawned by the “master” `lacme`. (The only challenge type currently
supported by `lacme` is `http-01`, which requires a webserver to
@@ -95,8 +95,8 @@ Commands
account key or the server's private key.
Command alias: `revoke-cert`.
-Generic options
-===============
+Generic settings
+================
`--config=`*filename*
@@ -110,7 +110,7 @@ Generic options
connect to for signature requests from the [ACME] client. `lacme`
aborts if `path` is readable or writable by other users, or if its
parent directory is writable by other users.
- This command-line option overrides the *socket* option of the
+ This command-line option overrides the *socket* setting of the
[`[client]` section](#client-section) of the configuration file; it
also causes the [`[accountd]` section](#accountd-section) to be
ignored.
@@ -134,7 +134,7 @@ If `--config=` is not given, `lacme` uses the first existing
configuration file among *$XDG_CONFIG_HOME/lacme/lacme.conf* (or
*~/.config/lacme/lacme.conf* if the `XDG_CONFIG_HOME` environment
variable is not set), and *@@sysconfdir@@/lacme/lacme.conf*.
-Valid options are:
+Valid settings are:
Default section
---------------
@@ -247,7 +247,7 @@ served during certificate issuance.
lacme client user (by default `@@lacme_client_user@@`) needs to be
able to create files under it.
- This option is required when *listen* is empty.
+ This setting is required when *listen* is empty.
*user*
@@ -270,7 +270,7 @@ served during certificate issuance.
argument etc. (Note that `lacme` might append more arguments when
executing the command internally.)
A separate process is spawned for each address to *listen* on. (In
- particular no webserver process is forked when the *listen* option
+ particular no webserver process is forked when the *listen* setting
is empty.)
Default: `@@libexecdir@@/lacme/webserver`.
@@ -279,7 +279,7 @@ served during certificate issuance.
: Whether to automatically install temporary [`iptables`(8)] rules to
open the `ADDRESS[:PORT]` specified with *listen*. The rules are
automatically removed once `lacme` exits.
- This option is ignored when *challenge-directory* is set.
+ This setting is ignored when *challenge-directory* is set.
Default: `No`.
`[accountd]` section
@@ -327,7 +327,7 @@ For certificate issuances (`newOrder` command), a separate file is used
to configure paths to the certificate and key, as well as the subject,
subjectAltName, etc. to generate Certificate Signing Requests.
Each section denotes a separate certificate issuance.
-Valid options are:
+Valid settings are:
*certificate*
@@ -342,7 +342,7 @@ Valid options are:
*certificate-key*
-: Path to the service's private key. This option is required. The
+: Path to the service's private key. This setting is required. The
[`genpkey`(1ssl)] command can be used to generate a new service RSA
key:
@@ -377,7 +377,7 @@ Valid options are:
*subject*
: Subject field of the Certificate Signing Request, in the form
- `/type0=value0/type1=value1/type2=…`. This option is required.
+ `/type0=value0/type1=value1/type2=…`. This setting is required.
*subjectAltName*