[defaults] gracetime = "1 week" listen = "localhost:8443" basedir = ".acme" # usually "/etc/ssl" provider = "les" account = "webmaster" keysize = 2048 [provider.lev1] directory = "https://acme-v01.api.letsencrypt.org/directory" [provider.les] directory = "https://acme-staging.api.letsencrypt.org/directory" [account.webmaster] mail = "webmaster@example.com" key = "private/webmaster.key" [account.postmaster] mail = "postmaster@example.com" phone = "+12025551212" key = "private/postmaster.key" [hook.nginx] cmd = "sudo service nginx reload" [hook.dovecot] cmd = "sudo service dovecot reload" [hook.smtpd] cmd = "sudo service smtpd reload" # long example [desire.com] provider = "les" account = "webmaster" altnames = [ "www.example.com", "example.com" ] key = "private/www_example_com.key" cert = "certs/www_example_com.pem" webroot = "/var/www/htdocs" hooks = [ "nginx" ] # short example, uses defaults [desire.net] altnames = [ "www.example.net" ] # www implies altname without www key = "private/www_example_net.key" cert = "certs/www_example_net.pem" hooks = [ "nginx" ] [desire.mail] provider = "les" account = "postmaster" altnames = [ "mail.example.com" ] key = "private/mail_example_com.key" cert = "certs/mail_example_com.pem" hooks = [ "dovecot", "smtpd" ]