X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=etc%2Fcertmaster.conf;h=e8d6c67f265569e29f4885586cc184a6309a508b;hp=cfdca9dc959383e78b3bb25b47981a18c35e8d41;hb=1b1b6f5733d65cbb73f48ac9b4419aba3dc00eee;hpb=fbd4bc1fe300150b55255d5af80052601dfbcd77

diff --git a/etc/certmaster.conf b/etc/certmaster.conf
index cfdca9d..e8d6c67 100644
--- a/etc/certmaster.conf
+++ b/etc/certmaster.conf
@@ -1,12 +1,30 @@
 # configuration for certmasterd and certmaster-ca
 
 [main]
-autosign = no
 listen_addr = 
 listen_port = 51235
+cert_extension = cert
+sync_certs = False
+
+# Use thse settings if no --ca flag provided
+autosign = no
 cadir = /etc/pki/certmaster/ca
 cert_dir = /etc/pki/certmaster
 certroot = /var/lib/certmaster/certmaster/certs
 csrroot = /var/lib/certmaster/certmaster/csrs
-cert_extension = cert
-sync_certs = False
+
+# use these directories if '--ca=ldap' provided in the certmaster-ca commands
+# [ca:ldap]
+# autosign = yes
+# cadir = /etc/pki/certmaster/ldap-ca
+# cert_dir = /etc/pki/certmaster/ldap
+# certroot = /var/lib/certmaster/ldap/certs
+# csrroot = /var/lib/certmaster/ldap/csrs
+
+# use these directories if '--ca=yourapp' provided in the certmaster-ca commands
+# [ca:yourapp]
+# autosign = yes
+# cadir = /etc/pki/certmaster/yourapp-ca
+# cert_dir = /etc/pki/certmaster/yourapp
+# certroot = /var/lib/certmaster/yourapp/certs
+# csrroot = /var/lib/certmaster/yourapp/csrs