*** UNIX MANUAL PAGE BROWSER ***

A Nergahak database for man pages research.

Navigation

Location: Home > OpenBSD > Section 5 > acme-client.conf
Quick Actions: [Home] [Up]

Directory Browser

1Browse 4.4BSD4.4BSD
1Browse Digital UNIXDigital UNIX 4.0e
1Browse FreeBSDFreeBSD 14.3
1Browse MINIXMINIX 3.4.0rc6-d5e4fc0
1Browse NetBSDNetBSD 10.1
1Browse OpenBSDOpenBSD 7.7
1Browse UNIX v7Version 7 UNIX
1Browse UNIX v10Version 10 UNIX

Manual Page Search

Manual Page Result

0 Command: acme-client.conf | Section: 5 | Source: OpenBSD | File: acme-client.conf.5
ACME-CLIENT.CONF(5) FreeBSD File Formats Manual ACME-CLIENT.CONF(5) NAME acme-client.conf - acme-client configuration file DESCRIPTION The acme-client.conf file is divided into the following main sections: Macros User-defined variables may be defined and used later, simplifying the configuration file. Authorities Certificate authorities (CAs) that can be contacted via ACME. Domains Certificate specifications. Additional configuration files can be included with the include keyword, for example: include "/etc/acme-client.sub.conf" The current line can be extended over multiple lines using a backslash (`\'). Comments can be put anywhere in the file using a hash mark (`#'), and extend to the end of the current line. Care should be taken when commenting out multi-line text: the comment is effective until the end of the entire block. Argument names not beginning with a letter, digit, underscore, or '/' must be quoted. MACROS Macros can be defined that will later be expanded in context. Macro names must start with a letter, digit, or underscore, and may contain any of those characters. Macro names may not be reserved words. Macros are not expanded inside quotes. For example: api_url="https://acme-v02.api.letsencrypt.org/directory" authority letsencrypt { api url $api_url account key "/etc/acme/letsencrypt-privkey.pem" } AUTHORITIES The configured certificate authorities. Each authority section starts with a declaration of the name identifying a certificate authority. authority name {...} The name is a string used to reference this certificate authority. It is followed by a block of options enclosed in curly brackets: account key file [keytype] Specify a file used to identify the user of this certificate authority. keytype can be rsa or ecdsa. It defaults to rsa. api url url Specify the url under which the ACME API is reachable. contact contact Optional contact URLs that the authority can use to contact the client for issues related to this account. DOMAINS The certificates to be obtained through ACME. domain handle {...} Each domain section begins with the domain keyword followed by an identifier for this domain block. It is followed by a block of options enclosed in curly brackets: domain name name The name to be used as the common name component of the subject of the X.509 certificate. This is optional. If not specified, the handle of the domain block will be used as common name. alternative names {...} A list of alternative names, comma or space separated, for which the certificate will be valid. The common name is included automatically if this option is present, but there is no automatic conversion/inclusion between "www." and plain domain name forms. domain key file [keytype] The private key file for which the certificate will be obtained. keytype can be rsa or ecdsa. It defaults to rsa. If the key file does not exist, acme-client(1) will generate a key itself (4096-bit for rsa or secp384r1 for ecdsa). domain certificate file The filename of the certificate that will be issued. This is optional if domain full chain certificate is specified. A backup with name file.1 is created if file exists. domain chain certificate file The filename in which to store the certificate chain that will be returned by the certificate authority. It needs to be in the same directory as the domain certificate (or in a subdirectory) and can be specified as a relative or absolute path. This setting is optional. A backup with name file.1 is created if file exists. domain full chain certificate file The filename in which to store the full certificate chain that will be returned by the certificate authority. It needs to be in the same directory as the domain certificate (or in a subdirectory) and can be specified as a relative or absolute path. This is a combination of the domain certificate and the domain chain certificate in one file, and is required by most browsers. This is optional if domain certificate is specified. A backup with name file.1 is created if file exists. sign with authority The certificate authority (as declared above in the AUTHORITIES section) to use. If this setting is absent, the first authority specified is used. challengedir path The directory in which the challenge file will be stored. If it is not specified, a default of /var/www/acme will be used. FILES /etc/acme-client.conf acme-client(1) configuration file. /etc/examples/acme-client.conf Example configuration file. SEE ALSO acme-client(1) HISTORY The acme-client.conf file format first appeared in OpenBSD 6.1. FreeBSD 14.1-RELEASE-p8 January 11, 2021 FreeBSD 14.1-RELEASE-p8

Navigation Options

Actions: [Home] [Back] [New Search]
Browse: [Browse OpenBSD] [Section 5]
Print/Export: [Print] [Raw Text]
Date: 2025-08-18 Time: 21:46:22 SAST |
Page generated in 0.0191 seconds
Nergahak ManpageViewer v1.4
[Back to Top]