make the challenge handler configurable

perhaps one day we'll even support something other than Kerberos!
author: Lexi Winter <ivy@FreeBSD.org> 2025-06-03 10:49:05 +0100
committer: Lexi Winter <ivy@FreeBSD.org> 2025-06-03 10:49:05 +0100
commit: 99151a2db842a850a2860af3e77532370802ca69 (patch)
tree: a43f4ff44edd47a267a1a991046b26412dab00c0 /domains.conf.sample
parent: 29d14ef9b7b4c116e3cce031150d848d8e1c14eb (diff)
download: lfacme-99151a2db842a850a2860af3e77532370802ca69.tar.gz
lfacme-99151a2db842a850a2860af3e77532370802ca69.tar.bz2
1 files changed, 10 insertions, 0 deletions
diff --git a/domains.conf.sample b/domains.conf.sample
index 6dace98..41de581 100644
--- a/domains.conf.sample
+++ b/domains.conf.sample
@@ -31,6 +31,16 @@
 #		If <name> begins with a '/' then it is an absolute path,
 #		otherwise it is relative to $ACME_HOOKDIR.
 #		This option may be given multiple times.
+#
+# challenge=<name>
+# 		Use <name> as the challenge handler.  If <name> begins
+# 		with '/' then it is an absolute path, otherwise it will
+# 		be searched for in /usr/local/share/lfacme/challenge/
+# 		then /usr/local/etc/lfacme/challenge/.
+#
+# 		One challenge script is supplied with lfacme, "kerberos",
+# 		which uses Kerberized nsupdate(1) to respond to dns-01
+# 		challenges.
 
 # A certificate name of "*" can be used to set the default options for any
 # following certificates.  For example, to use RSA (instead of the default
author	Lexi Winter <ivy@FreeBSD.org>	2025-06-03 10:49:05 +0100
committer	Lexi Winter <ivy@FreeBSD.org>	2025-06-03 10:49:05 +0100
commit	99151a2db842a850a2860af3e77532370802ca69 (patch)
tree	a43f4ff44edd47a267a1a991046b26412dab00c0 /domains.conf.sample
parent	29d14ef9b7b4c116e3cce031150d848d8e1c14eb (diff)
download	lfacme-99151a2db842a850a2860af3e77532370802ca69.tar.gz lfacme-99151a2db842a850a2860af3e77532370802ca69.tar.bz2