From e8980fb172221cbffd7fa672d65da0a806524e72 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 9 Dec 2020 19:36:06 +0100 Subject: documentation: clarify that "file:/path/to/account.key" can point to a symmetrically-encrypted private key. --- Changelog | 2 ++ config/lacme-accountd.conf | 4 ++-- lacme-accountd.1.md | 11 +++++------ 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/Changelog b/Changelog index 39df738..a2cd0bb 100644 --- a/Changelog +++ b/Changelog @@ -5,6 +5,8 @@ lacme (0.7.1) upstream; - documentation: suggest to generate private key material with genpkey(1ssl); also suggest a command to generate an ECDSA key not just RSA; hint at which key algorithms are supported. + - documentation: clarify that "file:/path/to/account.key" can point to + a symmetrically-encrypted private key. -- Guilhem Moulin Wed, 09 Dec 2020 18:23:22 +0100 diff --git a/config/lacme-accountd.conf b/config/lacme-accountd.conf index 94d2556..7248eb5 100644 --- a/config/lacme-accountd.conf +++ b/config/lacme-accountd.conf @@ -1,8 +1,8 @@ # The value of "privkey" specifies the (private) account key to use # for signing requests. Currently supported values are: # -# - file:FILE, to specify an encrypted private key (in PEM format) -# - gpg:FILE, to specify a gpg-encrypted private key (in PEM format) +# - file:FILE, for a private key in PEM format (optionally encrypted) +# - gpg:FILE, for a gpg-encrypted private key # #privkey = gpg:/path/to/encrypted/account.key.gpg #privkey = file:/path/to/account.key diff --git a/lacme-accountd.1.md b/lacme-accountd.1.md index 359a6d1..560cfac 100644 --- a/lacme-accountd.1.md +++ b/lacme-accountd.1.md @@ -45,15 +45,14 @@ Options file](#configuration-file)** section below for the configuration options. -`--privkey=`*arg* +`--privkey=`*value* : Specify the (private) account key to use for signing requests. - Currently supported *arg*uments are: + Currently supported *value*s are: - * `file:`*FILE*, to specify an encrypted private key (in PEM - format); and - * `gpg:`*FILE*, to specify a [`gpg`(1)]-encrypted private key (in - PEM format). + * `file:`*FILE*, for a private key in PEM format (optionally + symmetrically encrypted) + * `gpg:`*FILE*, for a [`gpg`(1)]-encrypted private key The [`genpkey`(1ssl)] command can be used to generate a new private (account) key: -- cgit v1.2.3