# configuration for certmasterd and certmaster-ca

[main]
listen_addr = 
listen_port = 51235
cert_extension = cert
sync_certs = False

# Use thse settings if no --ca flag provided
autosign = no
cadir = /etc/pki/certmaster/ca
cert_dir = /etc/pki/certmaster
certroot = /var/lib/certmaster/certmaster/certs
csrroot = /var/lib/certmaster/certmaster/csrs

# use these directories if '--ca=ldap' provided in the certmaster-ca commands
# [ca:ldap]
# autosign = yes
# cadir = /etc/pki/certmaster/ldap-ca
# cert_dir = /etc/pki/certmaster/ldap
# certroot = /var/lib/certmaster/ldap/certs
# csrroot = /var/lib/certmaster/ldap/csrs

# use these directories if '--ca=yourapp' provided in the certmaster-ca commands
# [ca:yourapp]
# autosign = yes
# cadir = /etc/pki/certmaster/yourapp-ca
# cert_dir = /etc/pki/certmaster/yourapp
# certroot = /var/lib/certmaster/yourapp/certs
# csrroot = /var/lib/certmaster/yourapp/csrs