X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=etc%2Fcertmaster.conf;h=e8d6c67f265569e29f4885586cc184a6309a508b;hp=71b20686f5eacbcffc176e8e33ab273f92e4758a;hb=1b1b6f5733d65cbb73f48ac9b4419aba3dc00eee;hpb=697402da24ca930b3608359a61b9872fdddc62d9

diff --git a/etc/certmaster.conf b/etc/certmaster.conf
index 71b2068..e8d6c67 100644
--- a/etc/certmaster.conf
+++ b/etc/certmaster.conf
@@ -1,7 +1,30 @@
+# configuration for certmasterd and certmaster-ca
+
 [main]
 listen_addr = 
-cadir = /etc/pki/func/ca
-certroot = /var/lib/func/certmaster/certs
-csrroot = /var/lib/func/certmaster/csrs
+listen_port = 51235
+cert_extension = cert
+sync_certs = False
+
+# Use thse settings if no --ca flag provided
 autosign = no
+cadir = /etc/pki/certmaster/ca
+cert_dir = /etc/pki/certmaster
+certroot = /var/lib/certmaster/certmaster/certs
+csrroot = /var/lib/certmaster/certmaster/csrs
+
+# use these directories if '--ca=ldap' provided in the certmaster-ca commands
+# [ca:ldap]
+# autosign = yes
+# cadir = /etc/pki/certmaster/ldap-ca
+# cert_dir = /etc/pki/certmaster/ldap
+# certroot = /var/lib/certmaster/ldap/certs
+# csrroot = /var/lib/certmaster/ldap/csrs
 
+# use these directories if '--ca=yourapp' provided in the certmaster-ca commands
+# [ca:yourapp]
+# autosign = yes
+# cadir = /etc/pki/certmaster/yourapp-ca
+# cert_dir = /etc/pki/certmaster/yourapp
+# certroot = /var/lib/certmaster/yourapp/certs
+# csrroot = /var/lib/certmaster/yourapp/csrs