blob: 21793157f129c974b4fdcc69d90beee730de9e90 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
rpkid's default config file is the system rpkid.conf file. Start rpkid with -
c filename to choose a different config file. All options are in the section
[rpkid]. BPKI Certificates and keys may be in either DER or PEM format.
sql-database::
MySQL database name for rpkid.
Default: ${myrpki::rpkid_sql_database}
sql-username::
MySQL user name for rpkid.
Default: ${myrpki::rpkid_sql_username}
sql-password::
MySQL password for rpkid.
Default: ${myrpki::rpkid_sql_password}
server-host::
Host on which rpkid should listen for HTTP service requests.
Default: ${myrpki::rpkid_server_host}
server-port::
Port on which rpkid should listen for HTTP service requests.
Default: ${myrpki::rpkid_server_port}
irdb-url::
HTTP service URL rpkid should use to contact irdbd. If irdbd is
running on the same machine as rpkid, this can and probably should be
a loopback URL, since nobody but rpkid needs to talk to irdbd.
Default: http://${myrpki::irdbd_server_host}:${myrpki::
irdbd_server_port}/
bpki-ta::
Where rpkid should look for the BPKI trust anchor. All BPKI
certificate verification within rpkid traces back to this trust
anchor. Don't change this unless you really know what you are doing.
Default: ${myrpki::bpki_servers_directory}/ca.cer
rpkid-cert::
Where rpkid should look for its own BPKI EE certificate. Don't change
this unless you really know what you are doing.
Default: ${myrpki::bpki_servers_directory}/rpkid.cer
rpkid-key::
Where rpkid should look for the private key corresponding to its own
BPKI EE certificate. Don't change this unless you really know what
you are doing.
Default: ${myrpki::bpki_servers_directory}/rpkid.key
irdb-cert::
Where rpkid should look for irdbd's BPKI EE certificate. Don't change
this unless you really know what you are doing.
Default: ${myrpki::bpki_servers_directory}/irdbd.cer
irbe-cert::
Where rpkid should look for the back-end control client's BPKI EE
certificate. Don't change this unless you really know what you are
doing.
Default: ${myrpki::bpki_servers_directory}/irbe.cer
|
