aboutsummaryrefslogtreecommitdiffstats
path: root/domains.conf.sample
diff options
context:
space:
mode:
Diffstat (limited to 'domains.conf.sample')
-rw-r--r--domains.conf.sample45
1 files changed, 3 insertions, 42 deletions
diff --git a/domains.conf.sample b/domains.conf.sample
index 5eb66d4..59ce539 100644
--- a/domains.conf.sample
+++ b/domains.conf.sample
@@ -5,52 +5,13 @@
# syntax here.
#
# Empty lines and lines beginning with a '#' character are ignored.
-
-##
-# Each line specifies one certificate as a series of whitespace-separated
-# fields. The first field is the certificate name, which is used internally
-# by lfacme in the certificate filename, but is not part of the certificate
-# itself.
#
-# The remaining fields are either certificate options or subject alt names for
-# the certificate.
-#
-# If no subject alt names are provided, then the certificate name is used as
-# the common name and subject alt name. Otherwise, the first subject alt name
-# is used as the common name.
+# A few examples are provided here; see acme.conf(5) for complete documentation.
-##
-# Supported options:
-#
-# type=ec Generate a secp384r1 ECDSA private key.
-# (This is the default.)
-#
-# type=rsa Generate a 3072-bit RSA private key.
-#
-# hook=<name> Run the hook '<name>' after (re)issuing this certificate.
-# If <name> begins with a '/' then it is an absolute path,
-# otherwise it is relative to $ACME_HOOKDIR.
-# This option may be given multiple times.
-#
-# challenge=<name>
-# Use <name> as the challenge handler. If <name> begins
-# with '/' then it is an absolute path, otherwise it will
-# be searched for in /usr/local/share/lfacme/challenge/,
-# then /usr/local/etc/lfacme/challenge/.
-#
-# The challenge handler is passed to uacme(1), so you can use
-# any uacme-compatible handler here.
-#
-# Two handlers are supplied with lfacme: "http" and "kerberos".
-# The default handler is "http".
-##
-# A certificate name of "*" can be used to set the default options for any
-# following certificates. Each "*" line replaces the previous default
-# options. You can specify subject alt names here as well.
-#
-# For example, to use RSA (instead of the default ECDSA) for all certificates:
+# To use RSA (instead of the default ECDSA) for all certificates:
* type=rsa
+
# To use HTTP for all challenges:
* challenge=http