diff options
| author | Rob Austein <sra@hactrn.net> | 2016-08-04 12:27:06 -0400 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2016-08-04 12:27:06 -0400 |
| commit | c897c7cecf4134f20354e3dbba9438cbab706eaf (patch) | |
| tree | 7066ad608aa285a2b80589e224d06a96e7421120 /doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md | |
| parent | 949e9c8358b5259656c02e4a1ada7912d943afd2 (diff) | |
Wiki->HTML->Markdown on all dumped pages, zip attachments.
Diffstat (limited to 'doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md')
| -rw-r--r-- | doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md b/doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md new file mode 100644 index 00000000..774196c7 --- /dev/null +++ b/doc/wiki-dump/doc%2FRPKI%2FCA%2FConfiguration%2Frpkid.md @@ -0,0 +1,114 @@ +# [rpkid] section + +rpkid's default config file is the system `rpki.conf` file. Start rpkid with +"`-c filename`" to choose a different config file. All options are in the +"`[rpkid]`" section. BPKI Certificates and keys may be in either DER or PEM +format. + +## sql-database + +MySQL database name for rpkid. + + + + sql-database = ${myrpki::rpkid_sql_database} + + +## sql-username + +MySQL user name for rpkid. + + + + sql-username = ${myrpki::rpkid_sql_username} + + +## sql-password + +MySQL password for rpkid. + + + + sql-password = ${myrpki::rpkid_sql_password} + + +## server-host + +Host on which rpkid should listen for HTTP service requests. + + + + server-host = ${myrpki::rpkid_server_host} + + +## server-port + +Port on which rpkid should listen for HTTP service requests. + + + + server-port = ${myrpki::rpkid_server_port} + + +## irdb-url + +HTTP service URL rpkid should use to contact irdbd. If irdbd is running on the +same machine as rpkid, this can and probably should be a loopback URL, since +nobody but rpkid needs to talk to irdbd. + + + + irdb-url = http://${myrpki::irdbd_server_host}:${myrpki::irdbd_server_port}/ + + +## bpki-ta + +Where rpkid should look for the BPKI trust anchor. All BPKI certificate +verification within rpkid traces back to this trust anchor. Don't change this +unless you really know what you are doing. + + + + bpki-ta = ${myrpki::bpki_servers_directory}/ca.cer + + +## rpkid-cert + +Where rpkid should look for its own BPKI EE certificate. Don't change this +unless you really know what you are doing. + + + + rpkid-cert = ${myrpki::bpki_servers_directory}/rpkid.cer + + +## rpkid-key + +Where rpkid should look for the private key corresponding to its own BPKI EE +certificate. Don't change this unless you really know what you are doing. + + + + rpkid-key = ${myrpki::bpki_servers_directory}/rpkid.key + + +## irdb-cert + +Where rpkid should look for irdbd's BPKI EE certificate. Don't change this +unless you really know what you are doing. + + + + irdb-cert = ${myrpki::bpki_servers_directory}/irdbd.cer + + +## irbe-cert + +Where rpkid should look for the back-end control client's BPKI EE certificate. +Don't change this unless you really know what you are doing. + + + + irbe-cert = ${myrpki::bpki_servers_directory}/irbe.cer + + |