1 files changed, 9 insertions, 2 deletions

diff --git a/rpkid/examples/rpki.conf b/rpkid/examples/rpki.conf
index 880758ee..4fbfca0d 100644
--- a/rpkid/examples/rpki.conf
+++ b/rpkid/examples/rpki.conf
@@ -83,6 +83,7 @@ rootd_server_port		= 4401
 # relying parties can find and verify rpkid's published outputs.
 
 publication_base_directory     	= publication
+publication_root_cert_directory	= ${myrpki::publication_base_directory}.root
 
 # rsyncd module name corresponding to publication_base_directory.
 # This has to match the module you configured into rsyncd.conf.
@@ -90,6 +91,12 @@ publication_base_directory     	= publication
 
 publication_rsync_module	= rpki
 
+# rsyncd module name corresponding to publication_root_cert_directory.
+# This has to match the module you configured into rsyncd.conf.
+# Leave this alone unless you have some need to change it.
+
+publication_root_module		= root
+
 # Hostname and optional port number for rsync:// URIs.  In most cases
 # this should just be the same value as pubd_server_host.
 
@@ -304,7 +311,7 @@ rpki-base-uri           	= rsync://${myrpki::publication_rsync_server}/${myrpki:
 
 # rsync URI for rootd's root (self-signed) RPKI certificate
 
-rpki-root-cert-uri      	= rsync://${myrpki::publication_rsync_server}/${myrpki::publication_rsync_module}/root.cer
+rpki-root-cert-uri      	= rsync://${myrpki::publication_rsync_server}/${myrpki::publication_root_module}/root.cer
 
 # Private key corresponding to rootd's root RPKI certificate
 
@@ -312,7 +319,7 @@ rpki-root-key           	= ${myrpki::bpki_servers_directory}/root.key
 
 # Filename (as opposed to rsync URI) of rootd's root RPKI certificate
 
-rpki-root-cert          	= ${myrpki::publication_base_directory}/root.cer
+rpki-root-cert          	= ${myrpki::publication_root_cert_directory}/root.cer
 
 # Where rootd should stash a copy of the PKCS #10 request it gets from
 # its one (and only) child