1 files changed, 60 insertions, 0 deletions

diff --git a/doc/doc.RPKI.CA.Configuration.rpkid b/doc/doc.RPKI.CA.Configuration.rpkid
new file mode 100644
index 00000000..c17b2f53
--- /dev/null
+++ b/doc/doc.RPKI.CA.Configuration.rpkid
@@ -0,0 +1,60 @@
+****** rpkid.conf ******
+
+rpkid's default config file is the system rpkid.conf file. Start rpkid with "-
+c filename" to choose a different config file. All options are in the section "
+[rpkid]". Certificates and keys may be in either DER or PEM format.
+
+Options:
+
+startup-message::
+
+     String to log on startup, useful when debugging a collection of rpkid
+     instances at once.
+
+sql-username::
+
+     Username to hand to MySQL when connecting to rpkid's database.
+
+sql-database::
+
+     MySQL's database name for rpkid's database.
+
+sql-password::
+
+     Password to hand to MySQL when connecting to rpkid's database.
+
+bpki-ta::
+
+     Name of file containing BPKI trust anchor. All BPKI certificate
+     verification within rpkid traces back to this trust anchor.
+
+rpkid-cert::
+
+     Name of file containing rpkid's own BPKI EE certificate.
+
+rpkid-key::
+
+     Name of file containing RSA key corresponding to rpkid-cert.
+
+irbe-cert::
+
+     Name of file containing BPKI certificate used by IRBE (rpkic, GUI)
+     when talking to rpkid.
+
+irdb-cert::
+
+     Name of file containing BPKI certificate used by irdbd.
+
+irdb-url::
+
+     Service URL for irdbd. Must be a http:// URL.
+
+server-host::
+
+     Hostname or IP address on which to listen for HTTP connections.
+     Default is the wildcard address (IPv4 0.0.0.0, IPv6 ::), which should
+     work in most cases.
+
+server-port::
+
+     TCP port on which to listen for HTTP connections.