blob: 211dc772e2153c889482c4307bb0854a151b5ead (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
{{{
#!comment
******************************************************************************
THIS PAGE WAS GENERATED AUTOMATICALLY, DO NOT EDIT.
Generated from $Id: rpki-confgen.xml 6070 2015-03-23 18:04:06Z melkins $
by $Id: rpki-confgen 5856 2014-05-31 18:32:19Z sra $
******************************************************************************
}}}
[[TracNav(doc/RPKI/TOC)]]
[[PageOutline]]
= [rpkid] section = #rpkid
rpkid's default config file is the system `rpki.conf` file. Start
rpkid with "`-c filename`" to choose a different config file. All
options are in the "`[rpkid]`" section. BPKI Certificates and keys may
be in either DER or PEM format.
== sql-database == #sql-database
MySQL database name for rpkid.
{{{
#!ini
sql-database = ${myrpki::rpkid_sql_database}
}}}
== sql-username == #sql-username
MySQL user name for rpkid.
{{{
#!ini
sql-username = ${myrpki::rpkid_sql_username}
}}}
== sql-password == #sql-password
MySQL password for rpkid.
{{{
#!ini
sql-password = ${myrpki::rpkid_sql_password}
}}}
== server-host == #server-host
Host on which rpkid should listen for HTTP service requests.
{{{
#!ini
server-host = ${myrpki::rpkid_server_host}
}}}
== server-port == #server-port
Port on which rpkid should listen for HTTP service requests.
{{{
#!ini
server-port = ${myrpki::rpkid_server_port}
}}}
== irdb-url == #irdb-url
HTTP service URL rpkid should use to contact irdbd. If irdbd is
running on the same machine as rpkid, this can and probably should be
a loopback URL, since nobody but rpkid needs to talk to irdbd.
{{{
#!ini
irdb-url = http://${myrpki::irdbd_server_host}:${myrpki::irdbd_server_port}/
}}}
== bpki-ta == #bpki-ta
Where rpkid should look for the BPKI trust anchor. All BPKI
certificate verification within rpkid traces back to this trust
anchor. Don't change this unless you really know what you are doing.
{{{
#!ini
bpki-ta = ${myrpki::bpki_servers_directory}/ca.cer
}}}
== rpkid-cert == #rpkid-cert
Where rpkid should look for its own BPKI EE certificate. Don't change
this unless you really know what you are doing.
{{{
#!ini
rpkid-cert = ${myrpki::bpki_servers_directory}/rpkid.cer
}}}
== rpkid-key == #rpkid-key
Where rpkid should look for the private key corresponding to its own
BPKI EE certificate. Don't change this unless you really know what you
are doing.
{{{
#!ini
rpkid-key = ${myrpki::bpki_servers_directory}/rpkid.key
}}}
== irdb-cert == #irdb-cert
Where rpkid should look for irdbd's BPKI EE certificate. Don't change
this unless you really know what you are doing.
{{{
#!ini
irdb-cert = ${myrpki::bpki_servers_directory}/irdbd.cer
}}}
== irbe-cert == #irbe-cert
Where rpkid should look for the back-end control client's BPKI EE
certificate. Don't change this unless you really know what you are
doing.
{{{
#!ini
irbe-cert = ${myrpki::bpki_servers_directory}/irbe.cer
}}}
|
