diff --git a/README.md b/README.md index 347f884..0c3fedf 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ By default the directory (work_dir) containing the working data (csr,certificate | --revoke-reason | **c** | Provide a reason code for the revocation (see https://tools.ietf.org/html/rfc5280#section-5.3.1 for valid values) | | | domain (san-domain...): | **d** | (domainconfig section start) Domains to use in the cert request. This value will be MD5-hashed as cert_id. | | | api | d,**g** | Determines the API version used | v2 | -| authority | d,**g** | URL to the certificate authorities API | https://acme-v02.api.letsencrypt.org | +| authority | d,**g** | URL to the certificate authorities ACME API root (without trailing /directory or similar) | https://acme-v02.api.letsencrypt.org | | authority_tos_agreement | d,**g**,c | Indicates agreement to the ToS of the certificate authority (--authority-tos-agreement on command line) | | | authority_contact_email | d,**g** | (v2 API only) Contact e-mail to be registered with your account key | | | account_key | d,**g** | Path to the account key | {work_dir}/account.key | diff --git a/docs/domain.yaml b/docs/domain.yaml index 801d5a8..6c7e442 100644 --- a/docs/domain.yaml +++ b/docs/domain.yaml @@ -68,3 +68,12 @@ mail.example.com smtp.example.com webmail.example.net *.intra.example.com: perm: '400' format: crt,ca action: '/etc/init.d/postfix reload' + +# this will use a different authority for the following set of domains (buypass.com in this example) +buypass-example.com *.buypass-example.com: +- authority: 'https://api.buypass.com/acme' # Removed trailing /directory from buypass docs for API endpoint + mode: dns.nsupdate + nsupdate_keyname: buypass + nsupdate_keyvalue: Test1234512359== + nsupdate_keyalgorithm: HMAC-MD5.SIG-ALG.REG.INT +