# Test that the script works with external dns provider and staging server
#
CA="https://acme-staging-v02.api.letsencrypt.org/directory"

VALIDATE_VIA_DNS=true
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_duckdns"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_duckdns"
PUBLIC_DNS_SERVER=ns2.duckdns.org
CHECK_ALL_AUTH_DNS=true
DNS_EXTRA_WAIT=60

ACCOUNT_KEY_TYPE="rsa"
PRIVATE_KEY_ALG="rsa"

# Additional domains - this could be multiple domains / subdomains in a comma separated list
SANS=""

# Acme Challenge Location. The first line for the domain, the following ones for each additional domain.
ACL=('/var/www/html/.well-known/acme-challenge')

#Set USE_SINGLE_ACL="true" to use a single ACL for all checks
USE_SINGLE_ACL="false"

# Location for all your certs, these can either be on the server (full path name)
# or using ssh /sftp as for the ACL
DOMAIN_CERT_LOCATION="/etc/nginx/pki/server.crt"
DOMAIN_KEY_LOCATION="/etc/nginx/pki/private/server.key"
CA_CERT_LOCATION="/etc/nginx/pki/chain.crt"
DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert
DOMAIN_PEM_LOCATION="" # this is the domain_key, domain cert and CA cert

# The command needed to reload apache / nginx or whatever you use
RELOAD_CMD="cp /getssl/test/test-config/nginx-ubuntu-ssl ${NGINX_CONFIG} && /getssl/test/restart-nginx"

# Define the server type and confirm correct certificate is installed (using a custom port)
SERVER_TYPE="https"
CHECK_REMOTE="true"