1 # A sample config file for letsencrypt-tiny
3 # List of domains for the cert to apply to.
8 # The length of secret RSA keys
12 # After how many days should the private key be re-generated?
13 max-key-age-days = 180
14 # How many hours should a new private key be left in staging? (0 for no staging)
16 # How many days before a certificate expires, should it be renewed?
17 renew-cert-before-expiry-days = 15
20 # Called after a new certificate has been obtained.
21 # Example usage: Reloading services, generating combined "certificate + key chain" file.
22 post-certchange = /home/user/letsencrypt/cert-hook
23 # Called after a new certificate has been obtained, *if* there also were changes in the private keys
24 # Example usage: Updating TLSA records (with the selector being SubjectPublicKeyInfo) in the zone
25 post-keychange = /home/user/letsencrypt/key-hook
27 # Parameters for acme-tiny <https://github.com/diafygi/acme-tiny/>
29 acme-tiny = /home/user/letsencrypt/acme-tiny/
30 account-key = /etc/ssl/private/letsencrypt/account.key
31 challenge-dir = /srv/acme-challenge/
33 # Where to store all the things.
35 certs = /etc/ssl/mycerts/letsencrypt
36 keys = /etc/ssl/private/letsencrypt
37 csrs = /etc/ssl/private/letsencrypt
38 backups = /etc/ssl/old/letsencrypt
41 # Base name of the live key and certificate
43 # Base name of the staging key and certificate (optional)