+# configuration for certmasterd and certmaster-ca
+
[main]
listen_addr =
-cadir = /etc/pki/func/ca
-certroot = /var/lib/func/certmaster/certs
-csrroot = /var/lib/func/certmaster/csrs
+listen_port = 51235
+cert_extension = cert
+sync_certs = False
+
+# Use thse settings if no --ca flag provided
autosign = no
+cadir = /etc/pki/certmaster/ca
+cert_dir = /etc/pki/certmaster
+certroot = /var/lib/certmaster/certmaster/certs
+csrroot = /var/lib/certmaster/certmaster/csrs
+
+# use these directories if '--ca=ldap' provided in the certmaster-ca commands
+# [ca:ldap]
+# autosign = yes
+# cadir = /etc/pki/certmaster/ldap-ca
+# cert_dir = /etc/pki/certmaster/ldap
+# certroot = /var/lib/certmaster/ldap/certs
+# csrroot = /var/lib/certmaster/ldap/csrs
+# use these directories if '--ca=yourapp' provided in the certmaster-ca commands
+# [ca:yourapp]
+# autosign = yes
+# cadir = /etc/pki/certmaster/yourapp-ca
+# cert_dir = /etc/pki/certmaster/yourapp
+# certroot = /var/lib/certmaster/yourapp/certs
+# csrroot = /var/lib/certmaster/yourapp/csrs