## Path: System/Security/cfssl
## Description: certificate db configuration file
## Type: string
## Default: "/etc/cfssl/db.json"
## Config: cfssl
## ServiceReload: cfssl-serve,cfssl-ocspserve
#
# Will be used as:
#
# -db-config="$CFSSL_DB_CONFIG"
#
CFSSL_DB_CONFIG="/etc/cfssl/db.json"
## Path: System/Security/cfssl
## Description: Log level (0 = DEBUG, 5 = FATAL)
## Type: string
## Default: "1"
## Config: cfssl
## ServiceReload: cfssl-serve,cfssl-ocspserve
#
# Will be used as:
#
# -loglevel="$CFSSL_LOGLEVEL"
#
CFSSL_LOGLEVEL="1"
## Path: System/Security/cfssl
## Description: Port to bind
## Type: string
## Default: "8888"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -port="$CFSSL_SERVE_PORT"
#
CFSSL_SERVE_PORT="8888"
## Path: System/Security/cfssl
## Description: Address to bind
## Type: string
## Default: "127.0.0.1"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
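# -address="$CFSSL_SERVE_ADDRESS"
#
# The API signs certificates with CFSSL_SERVE_CA. If this is changed to a
# non-loopback address, also set CFSSL_SERVE_TLS_CERT and CFSSL_SERVE_TLS_KEY,
# and restrict clients with CFSSL_SERVE_MUTUAL_TLS_CA.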
#
CFSSL_SERVE_ADDRESS="127.0.0.1"
## Path: System/Security/cfssl
## Description: CA used to sign the new certificate -- accepts '[file:]fname' or 'env:varname'
## Type: string
## Default: "/etc/cfssl/certs/intermediates/ca-server.pem"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -ca="$CFSSL_SERVE_CA"
#
CFSSL_SERVE_CA="/etc/cfssl/certs/intermediates/ca-server.pem"
## Path: System/Security/cfssl
## Description: CA private key -- accepts '[file:]fname' or 'env:varname'
## Type: string
## Default: "/etc/cfssl/certs/intermediates/ca-server-key.pem"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -ca-key="$CFSSL_SERVE_CA_KEY"
#
# The key file should be readable only by the account that runs cfssl-serve.
#
CFSSL_SERVE_CA_KEY="/etc/cfssl/certs/intermediates/ca-server-key.pem"
## Path: System/Security/cfssl
## Description: path to root certificate store
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -ca-bundle="$CFSSL_SERVE_CA_BUNDLE"
#
CFSSL_SERVE_CA_BUNDLE=""
## Path: System/Security/cfssl
## Description: Certificate for OCSP responder
## Type: string
## Default: "/etc/cfssl/certs/ocsp/server-ocsp.pem"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -responder="$CFSSL_SERVE_RESPONDER"
#
CFSSL_SERVE_RESPONDER="/etc/cfssl/certs/ocsp/server-ocsp.pem"
## Path: System/Security/cfssl
## Description: private key for OCSP responder certificate
## Type: string
## Default: "/etc/cfssl/certs/ocsp/server-ocsp-key.pem"
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -responder-key="$CFSSL_SERVE_RESPONDER_KEY"
#
# The key file should be readable only by the account that runs cfssl-serve.
#
CFSSL_SERVE_RESPONDER_KEY="/etc/cfssl/certs/ocsp/server-ocsp-key.pem"
## Path: System/Security/cfssl
## Description: path to intermediate certificate store
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -int-bundle="$CFSSL_SERVE_INT_BUNDLE"
#
CFSSL_SERVE_INT_BUNDLE=""
## Path: System/Security/cfssl
## Description: specify intermediates directory
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -int-dir="$CFSSL_SERVE_INT_DIR"
#
CFSSL_SERVE_INT_DIR=""
## Path: System/Security/cfssl
## Description: Metadata file for root certificate presence. The content of the file is a JSON dictionary (k,v): each key k is the SHA-1 digest of a root certificate, while each value v is a list of key store filenames.
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -metadata="$CFSSL_SERVE_METADATA"
#
CFSSL_SERVE_METADATA=""
## Path: System/Security/cfssl
## Description: remote CFSSL server
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -remote="$CFSSL_SERVE_REMOTE"
#
CFSSL_SERVE_REMOTE=""
## Path: System/Security/cfssl
## Description: Other endpoint CA private key
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
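# -tls-key="$CFSSL_SERVE_TLS_KEY"
#
# For cfssl-serve this is the private key that belongs to the certificate in
# CFSSL_SERVE_TLS_CERT; the two are used together to serve the API over TLS.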
#
CFSSL_SERVE_TLS_KEY=""
## Path: System/Security/cfssl
## Description: Other endpoint CA to set up TLS protocol
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
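# -tls-cert="$CFSSL_SERVE_TLS_CERT"
#
# For cfssl-serve this is the certificate the API presents to its clients.
# The API is served over plain HTTP unless both this and CFSSL_SERVE_TLS_KEY
# are set.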
#
CFSSL_SERVE_TLS_CERT=""
## Path: System/Security/cfssl
## Description: Mutual TLS - require clients be signed by this CA
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -mutual-tls-ca="$CFSSL_SERVE_MUTUAL_TLS_CA"
#
CFSSL_SERVE_MUTUAL_TLS_CA=""
## Path: System/Security/cfssl
## Description: Mutual TLS - regex for whitelist of allowed client CNs
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
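# -mutual-tls-cn="$CFSSL_SERVE_MUTUAL_TLS_CN"
#
# Anchor the pattern with ^ and $ so that it matches the whole CN and not a
# substring of it, e.g. (constructed example) ^signer[0-9]+\.example\.net$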
#
CFSSL_SERVE_MUTUAL_TLS_CN=""
## Path: System/Security/cfssl
## Description: CAs to trust for remote TLS requests
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -tls-remote-ca="$CFSSL_SERVE_TLS_REMOTE_CA"
#
CFSSL_SERVE_TLS_REMOTE_CA=""
## Path: System/Security/cfssl
## Description: Mutual TLS - client certificate to call remote instance requiring client certs
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -mutual-tls-client-cert="$CFSSL_SERVE_MUTUAL_TLS_CLIENT_CERT"
#
CFSSL_SERVE_MUTUAL_TLS_CLIENT_CERT=""
## Path: System/Security/cfssl
## Description: Mutual TLS - client key to call remote instance requiring client certs
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
# -mutual-tls-client-key="$CFSSL_SERVE_MUTUAL_TLS_CLIENT_KEY"
#
CFSSL_SERVE_MUTUAL_TLS_CLIENT_KEY=""
## Path: System/Security/cfssl
## Description: endpoints to disable
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-serve
#
# Will be used as:
#
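# -disable="$CFSSL_SERVE_DISABLE"
#
# Comma-separated list of endpoint names. Disabling endpoints that this
# installation does not use reduces what the API exposes.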
#
CFSSL_SERVE_DISABLE=""
## Path: System/Security/cfssl
## Description: Address to bind
## Type: string
## Default: "127.0.0.1"
## Config: cfssl
## ServiceReload: cfssl-ocspserve
#
# Will be used as:
#
# -address="$CFSSL_OCSPSERVE_ADDRESS"
#
CFSSL_OCSPSERVE_ADDRESS="127.0.0.1"
## Path: System/Security/cfssl
## Description: Port to bind
## Type: string
## Default: "8888"
## Config: cfssl
## ServiceReload: cfssl-ocspserve
#
# Will be used as:
#
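# -port="$CFSSL_OCSPSERVE_PORT"
#
# Same default as CFSSL_SERVE_PORT: when cfssl-serve and cfssl-ocspserve listen
# on the same address, give one of them a different port.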
#
CFSSL_OCSPSERVE_PORT="8888"
## Path: System/Security/cfssl
## Description: file to load OCSP responses from
## Type: string
## Default: ""
## Config: cfssl
## ServiceReload: cfssl-ocspserve
#
# Will be used as:
#
# -responses="$CFSSL_OCSPSERVE_RESPONSES"
#
CFSSL_OCSPSERVE_RESPONSES=""