Checkpoint

svn path=/docs/OPERATION; revision=1461

1 files changed, 44 insertions, 1 deletions

diff --git a/docs/OPERATION b/docs/OPERATION
index 723c4553..2c50631f 100644
--- a/docs/OPERATION
+++ b/docs/OPERATION
@@ -198,7 +198,50 @@ rpki-pkcs10-filename:	Name of file that rootd should use when saving
 
 ----------------------------------------------------------------
 
-irdbd.py
+irdbd.py config file:
+
+The default config file is irdbd.conf, start rpkid with "-c filename"
+to choose a different config file.  All options are in the section
+"[irdbd]".  Certificates, keys, and trust anchors may be in either DER
+or PEM format.
+
+Options:
+
+startup-message:	String to log on startup, useful when
+			debugging a collection of irdbd instances at
+			once.
+
+sql-username:		Username to hand to MySQL when connecting to
+			irdbd's database.
+
+sql-database:		MySQL's database name for irdbd's database.
+
+sql-password:		Password to hand to MySQL when connecting to
+			irdbd's database.
+
+cms-ta:			Name of file containing CMS trust anchor to
+			use when authenticating messages from rpkid.
+
+cms-key:		Name of file containing RSA key to use when
+			signing CMS messages to rpkid.
+
+cms-certs:		Name(s) of file(s) containing certificate(s)
+			to include in CMS wrapper when signing
+			messages to rpkid.  You can specify more than
+			one certificate using OpenSSL-style
+			subscripts: cms-certs.0, cms-certs.1, etc.
+
+https-key:		Name of file containing RSA key to use in the
+			HTTPS server role when listening for
+			connections from rpkid. 
+
+https-certs:		Name(s) of file(s) containing certificate(s)
+			to use in the HTTPS server role when listening
+			for connections from rpkid.  You can specify
+			more than one certificate using OpenSSL-style
+			subscripts: https-certs.0, https-certs.1, etc.
+
+https-url:		Service URL for irdbd.  Must be a https// URL.
 
 ----------------------------------------------------------------