# Directory containing the files needed to generate new certificates.
# DEFAULT: ../lib/<script_name> relative to the directory containing the script
# itself.
#workdir=../lib/ssl_mgmt
#workDir=/usr/lib/ssl_mgmt

# Directory where to store new certificates
# DEFAULT: /etc/ssl/certs
#certDestDir=/etc/ssl/certs

# Directory where to store new keys (private part of certificates)
# DEFAULT: /etc/ssl/private
#keyDestDir=/etc/ssl/private

# Path to the root certificate file
# DEFAULT: $certDestDir/ca-cert.pem
#CACertPath=$certDestDir/ca-cert.pem

# Path to the root certificate key file
# DEFAULT: $keyDestDir/ca-key.pem
#CAKeyPath=$keyDestDir/ca-key.pem

# Path to the file containing the password of the root certificate key
# DEFAULT: <none>
#rootCAPwdPath=

# List of certificate handled by ssl_mgmt. This list is used by the command
# renew all to determine the certificates that need to be renewed.
# DEFAULT: <none>
#managedCerts=

# ID of the key to use to sign the message sent to $notifiedUsers when a
# certificate is created or renewed.
# DEFAULT: <none>
#keyId=

# File containing the password to unlock the key to sign the message sent to
# $notifiedUsers when a certificate is created or renewed.
# DEFAULT: read from STDIN
#keyPwdPath=

# List of users to be notified when a certificate is created or renewed.
# DEFAULT: <none>
#notifiedUsers=

# Subject of the mail sent to the users specified in $notifiedUsers when a
# certificate is created or renewed.
# DEFAULT: 'New fingerprint for service $service'
#notifySubject='New fingerprint for service $service'

# Template of the body of the mail sent to the users specified in
# $notifiedUsers when a certificate is created or renewed.
# DEFAULT: 'Certificate for $service has changed.
# The fingerprint of the new certificate is:
#
# $fingerprint'
#notifyTemplate='Certificate for $service has changed.
#The fingerprint of the new certificate is:
#
#$fingerprint'