projects
/
lets-encrypt-tiny.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
of course it is okay for that dir to already exist...
[lets-encrypt-tiny.git]
/
letsencrypt-tiny.conf.sample
diff --git
a/letsencrypt-tiny.conf.sample
b/letsencrypt-tiny.conf.sample
index 5369fdcde10b48458274cb8cdd2c811d027a8738..178eeadacf39fad7b9f2abd17e8a3e6e959e4b4b 100644
(file)
--- a/
letsencrypt-tiny.conf.sample
+++ b/
letsencrypt-tiny.conf.sample
@@
-11,7
+11,7
@@
key-length = 4096
[timing]
# After how many days should the private key be re-generated?
max-key-age-days = 180
[timing]
# After how many days should the private key be re-generated?
max-key-age-days = 180
-# How many hours should a new private key be left in staging?
(Must be set iff 'staging' is set in [files].)
+# How many hours should a new private key be left in staging?
Remove or set to 0 to enable immediate activation.
staging-hours = 25
# How many days before a certificate expires, should it be renewed?
renew-cert-before-expiry-days = 15
staging-hours = 25
# How many days before a certificate expires, should it be renewed?
renew-cert-before-expiry-days = 15
@@
-24,9
+24,8
@@
post-certchange = /home/user/letsencrypt/cert-hook
# Example usage: Updating TLSA records (with the selector being SubjectPublicKeyInfo) in the zone
post-keychange = /home/user/letsencrypt/key-hook
# Example usage: Updating TLSA records (with the selector being SubjectPublicKeyInfo) in the zone
post-keychange = /home/user/letsencrypt/key-hook
-# Parameters for acme-tiny <https://github.com/diafygi/acme-tiny/>
+# Parameters for
the embedded
acme-tiny <https://github.com/diafygi/acme-tiny/>
[acme]
[acme]
-acme-tiny = /home/user/letsencrypt/acme-tiny/
account-key = /etc/ssl/private/letsencrypt/account.key
challenge-dir = /srv/acme-challenge/
account-key = /etc/ssl/private/letsencrypt/account.key
challenge-dir = /srv/acme-challenge/
@@
-37,7
+36,7
@@
keys = /etc/ssl/private/letsencrypt
backups = /etc/ssl/old/letsencrypt
[files]
backups = /etc/ssl/old/letsencrypt
[files]
-# Base name of the live key and certificate
+# Base name of the live key and certificate
.
live = live
live = live
-# Base name of the staging key and certificate
(optional)
+# Base name of the staging key and certificate
. Used during generation of a new key, to avoid trouble if something fails there.
staging = staging
staging = staging