mirror of
https://github.com/moepman/acertmgr.git
synced 2024-12-27 11:51:50 +01:00
Clarify expected authority format (at least for v2) and add an example
This commit is contained in:
parent
6f0ccfdc91
commit
2d230e30d9
@ -65,7 +65,7 @@ By default the directory (work_dir) containing the working data (csr,certificate
|
|||||||
| --revoke-reason | **c** | Provide a reason code for the revocation (see https://tools.ietf.org/html/rfc5280#section-5.3.1 for valid values) | |
|
| --revoke-reason | **c** | Provide a reason code for the revocation (see https://tools.ietf.org/html/rfc5280#section-5.3.1 for valid values) | |
|
||||||
| domain (san-domain...): | **d** | (domainconfig section start) Domains to use in the cert request. This value will be MD5-hashed as cert_id. | |
|
| domain (san-domain...): | **d** | (domainconfig section start) Domains to use in the cert request. This value will be MD5-hashed as cert_id. | |
|
||||||
| api | d,**g** | Determines the API version used | v2 |
|
| api | d,**g** | Determines the API version used | v2 |
|
||||||
| authority | d,**g** | URL to the certificate authorities API | https://acme-v02.api.letsencrypt.org |
|
| authority | d,**g** | URL to the certificate authorities ACME API root (without trailing /directory or similar) | https://acme-v02.api.letsencrypt.org |
|
||||||
| authority_tos_agreement | d,**g**,c | Indicates agreement to the ToS of the certificate authority (--authority-tos-agreement on command line) | |
|
| authority_tos_agreement | d,**g**,c | Indicates agreement to the ToS of the certificate authority (--authority-tos-agreement on command line) | |
|
||||||
| authority_contact_email | d,**g** | (v2 API only) Contact e-mail to be registered with your account key | |
|
| authority_contact_email | d,**g** | (v2 API only) Contact e-mail to be registered with your account key | |
|
||||||
| account_key | d,**g** | Path to the account key | {work_dir}/account.key |
|
| account_key | d,**g** | Path to the account key | {work_dir}/account.key |
|
||||||
|
@ -68,3 +68,12 @@ mail.example.com smtp.example.com webmail.example.net *.intra.example.com:
|
|||||||
perm: '400'
|
perm: '400'
|
||||||
format: crt,ca
|
format: crt,ca
|
||||||
action: '/etc/init.d/postfix reload'
|
action: '/etc/init.d/postfix reload'
|
||||||
|
|
||||||
|
# this will use a different authority for the following set of domains (buypass.com in this example)
|
||||||
|
buypass-example.com *.buypass-example.com:
|
||||||
|
- authority: 'https://api.buypass.com/acme' # Removed trailing /directory from buypass docs for API endpoint
|
||||||
|
mode: dns.nsupdate
|
||||||
|
nsupdate_keyname: buypass
|
||||||
|
nsupdate_keyvalue: Test1234512359==
|
||||||
|
nsupdate_keyalgorithm: HMAC-MD5.SIG-ALG.REG.INT
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user