do not keep CSRs

[lets-encrypt-tiny.git] / letsencrypt-tiny.conf.sample

diff --git a/letsencrypt-tiny.conf.sample b/letsencrypt-tiny.conf.sample
index 4c28d1782e7285de967b5fbae6d889193ac41163..5369fdcde10b48458274cb8cdd2c811d027a8738 100644 (file)
--- a/letsencrypt-tiny.conf.sample
+++ b/letsencrypt-tiny.conf.sample
@@ -11,7 +11,7 @@ key-length = 4096
 [timing]
 # After how many days should the private key be re-generated?
 max-key-age-days = 180
-# How many hours should a new private key be left in staging? (0 for no staging)
+# How many hours should a new private key be left in staging? (Must be set iff 'staging' is set in [files].)
 staging-hours = 25
 # How many days before a certificate expires, should it be renewed?
 renew-cert-before-expiry-days = 15
@@ -34,7 +34,6 @@ challenge-dir = /srv/acme-challenge/
 [dirs]
 certs = /etc/ssl/mycerts/letsencrypt
 keys = /etc/ssl/private/letsencrypt
-csrs = /etc/ssl/private/letsencrypt
 backups = /etc/ssl/old/letsencrypt
 
 [files]