X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=etc%2Fcertmaster.conf;h=e8d6c67f265569e29f4885586cc184a6309a508b;hp=76643769164faa2da937c2402125ed4ef672942e;hb=1b1b6f5733d65cbb73f48ac9b4419aba3dc00eee;hpb=48b1e96d3c66a1a733ca573505e7203651142308

diff --git a/etc/certmaster.conf b/etc/certmaster.conf
index 7664376..e8d6c67 100644
--- a/etc/certmaster.conf
+++ b/etc/certmaster.conf
@@ -1,12 +1,30 @@
 # configuration for certmasterd and certmaster-ca
 
 [main]
-autosign = no
 listen_addr = 
 listen_port = 51235
+cert_extension = cert
+sync_certs = False
+
+# Use thse settings if no --ca flag provided
+autosign = no
 cadir = /etc/pki/certmaster/ca
 cert_dir = /etc/pki/certmaster
 certroot = /var/lib/certmaster/certmaster/certs
 csrroot = /var/lib/certmaster/certmaster/csrs
-cert_extension = cert
 
+# use these directories if '--ca=ldap' provided in the certmaster-ca commands
+# [ca:ldap]
+# autosign = yes
+# cadir = /etc/pki/certmaster/ldap-ca
+# cert_dir = /etc/pki/certmaster/ldap
+# certroot = /var/lib/certmaster/ldap/certs
+# csrroot = /var/lib/certmaster/ldap/csrs
+
+# use these directories if '--ca=yourapp' provided in the certmaster-ca commands
+# [ca:yourapp]
+# autosign = yes
+# cadir = /etc/pki/certmaster/yourapp-ca
+# cert_dir = /etc/pki/certmaster/yourapp
+# certroot = /var/lib/certmaster/yourapp/certs
+# csrroot = /var/lib/certmaster/yourapp/csrs