Tim Kimber
6 years ago
No known key found for this signature in database
GPG Key ID: 3E1804964E76BD18
1 changed files with 57 additions and 0 deletions
Split View
Diff Options
+ 57
- 0
test/test-config/getssl-dns01-dual-rsa-ecdsa.cfg
View File
| @ -0,0 +1,57 @@ | |||
| # Uncomment and modify any variables you need | |||
| # see https://github.com/srvrco/getssl/wiki/Config-variables for details | |||
| # see https://github.com/srvrco/getssl/wiki/Example-config-files for example configs | |||
| # | |||
| # The staging server is best for testing | |||
| #CA="https://acme-staging.api.letsencrypt.org" | |||
| # This server issues full certificates, however has rate limits | |||
| #CA="https://acme-v01.api.letsencrypt.org" | |||
| CA="https://pebble:14000/dir" | |||
| VALIDATE_VIA_DNS=true | |||
| DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_challtestsrv" | |||
| DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_challtestsrv" | |||
| DUAL_RSA_ECDSA="true" | |||
| ACCOUNT_KEY_TYPE="prime256v1" | |||
| PRIVATE_KEY_ALG="prime256v1" | |||
| #PRIVATE_KEY_ALG="rsa" | |||
| # Additional domains - this could be multiple domains / subdomains in a comma separated list | |||
| # Note: this is Additional domains - so should not include the primary domain. | |||
| SANS="" | |||
| # Acme Challenge Location. The first line for the domain, the following ones for each additional domain. | |||
| # If these start with ssh: then the next variable is assumed to be the hostname and the rest the location. | |||
| # An ssh key will be needed to provide you with access to the remote server. | |||
| # Optionally, you can specify a different userid for ssh/scp to use on the remote server before the @ sign. | |||
| # If left blank, the username on the local server will be used to authenticate against the remote server. | |||
| # If these start with ftp: then the next variables are ftpuserid:ftppassword:servername:ACL_location | |||
| # These should be of the form "/path/to/your/website/folder/.well-known/acme-challenge" | |||
| # where "/path/to/your/website/folder/" is the path, on your web server, to the web root for your domain. | |||
| ACL=('/var/www/html/.well-known/acme-challenge') | |||
| # 'ssh:server5:/var/www/getssltest.hopto.org/web/.well-known/acme-challenge' | |||
| # 'ssh:sshuserid@server5:/var/www/getssltest.hopto.org/web/.well-known/acme-challenge' | |||
| # 'ftp:ftpuserid:ftppassword:getssltest.hopto.org:/web/.well-known/acme-challenge') | |||
| #Set USE_SINGLE_ACL="true" to use a single ACL for all checks | |||
| USE_SINGLE_ACL="false" | |||
| # Location for all your certs, these can either be on the server (full path name) | |||
| # or using ssh /sftp as for the ACL | |||
| DOMAIN_CERT_LOCATION="/etc/nginx/pki/server.crt" | |||
| DOMAIN_KEY_LOCATION="/etc/nginx/pki/private/server.key" | |||
| CA_CERT_LOCATION="/etc/nginx/pki/chain.crt" | |||
| DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert | |||
| DOMAIN_PEM_LOCATION="" # this is the domain_key, domain cert and CA cert | |||
| # The command needed to reload apache / nginx or whatever you use | |||
| RELOAD_CMD="cp /getssl/test/test-config/nginx-ubuntu-ssl /etc/nginx/sites-enabled/default && service nginx restart" | |||
| # Define the server type. This can be https, ftp, ftpi, imap, imaps, pop3, pop3s, smtp, | |||
| # smtps_deprecated, smtps, smtp_submission, xmpp, xmpps, ldaps or a port number which | |||
| # will be checked for certificate expiry and also will be checked after | |||
| # an update to confirm correct certificate is running (if CHECK_REMOTE) is set to true | |||
| #SERVER_TYPE="https" | |||
| #CHECK_REMOTE="true" | |||