freeipa/install/share/pki-acme-configsources.conf.template
Fraser Tweedale 00a84464ea acme: configure engine.conf and disable by default
When deploying ACME set up configsources.conf to retrieve engine
configuration from engine.conf.  In the initial configuration, the
ACME service is disabled (i.e. it will refuse to service requests).

A subsequent commit will add command(s) for flipping the ACME
service on or off (on a per-server basis).  Later we will move to
LDAP configuration so that management of the ACME service is
deployment-wide.

The default configuration also disables issuance of wildcard
certificates.

Part of: https://pagure.io/freeipa/issue/4751

Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2020-07-10 08:33:22 -04:00

3 lines
119 B
Plaintext

engine.class=org.dogtagpki.acme.server.ACMEEngineConfigFileSource
engine.filename=/etc/pki/pki-tomcat/acme/engine.conf