48 lines
1.2 KiB
Text
48 lines
1.2 KiB
Text
# The settings in this file can be used to override those in the global config file in /etc/dehydrated
|
|
|
|
# Which challenge should be used?
|
|
# Supported values: http-01, dns-01, tls-alpn-01.
|
|
# Default: http-01
|
|
#CHALLENGETYPE="http-01"
|
|
|
|
# Default keysize for private keys.
|
|
# Default: 4096
|
|
#KEYSIZE="4096"
|
|
|
|
# Program or function called at certain stages of processing.
|
|
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program.
|
|
# Default: <unset>
|
|
#HOOK=""
|
|
|
|
# Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate?
|
|
# Default: no
|
|
#HOOK_CHAIN="no"
|
|
|
|
# Minimum days before expiration to automatically renew certificate.
|
|
# Default: 30
|
|
#RENEW_DAYS="30"
|
|
|
|
# Regenerate private keys instead of just signing new certificates on renewal?
|
|
# Default: yes
|
|
PRIVATE_KEY_RENEW="no"
|
|
|
|
# Create an extra private key for rollover?
|
|
# Default: no
|
|
#PRIVATE_KEY_ROLLOVER="no"
|
|
|
|
# Which public key algorithm should be used?
|
|
# Supported: rsa, prime256v1, secp384r1.
|
|
# Default: rsa
|
|
KEY_ALGO="prime256v1"
|
|
|
|
# Option to add CSR-flag indicating OCSP stapling to be mandatory.
|
|
# Default: no
|
|
#OCSP_MUST_STAPLE="no"
|
|
|
|
# Fetch OCSP responses.
|
|
# Default: no
|
|
#OCSP_FETCH="no"
|
|
|
|
# OCSP refresh interval, in days.
|
|
# Default: 5
|
|
#OCSP_DAYS="5"
|