aboutsummaryrefslogtreecommitdiff
path: root/acme.conf
blob: b05faf396d1ae2fb934a6a1315b91f3cddf412c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# global settings
set geracetime 1 week
listen on lo port 8443

# provider definitions
provider lev1 https://acme-v01.api.letsencrypt.org/directory
provider les  https://acme-staging.api.letsencrypt.org/directory default

# account definitions
account  webmaster@example.com key /etc/webmaster.key default
account mailmaster@example.com key /etc/mailmaster.key phone +12025551212

# hook definitions
hook nginx   "doas /etc/rc.d/nginx reload"
hook dovecot "doas /etc/rc.d/dovecot reload"
hook smtpd   "doas /etc/rc.d/smtpd reload"

# desire definitions
# full example
desire { www.example.com, example.com, www2.example.com } from les \
	as webmaster@example.com \
	key /etc/ssl/private/www_example_com.key \
	cert /etc/ssl/cert/www_example_com.pem \
	webroot /var/www/htdocs \
	hook nginx

# desire with prefix www implies altname without www
# short example, with default provider and account
desire www.example.net \
	key /etc/ssl/private/www_example_net.key \
	cert /etc/ssl/cert/www_example_net.pem

desire mail.example.com from les \
	as mailmaster@example.com \
	key /etc/ssl/private/mail_example_com.key \
	cert /etc/ssl/cert/mail_example_com.pem \
	hook { dovecot, smtpd }