2021-06-07 21:18:49 +03:00
|
|
|
{
|
|
|
|
skip_install_trust
|
2022-01-06 06:45:41 +03:00
|
|
|
pki {
|
|
|
|
ca {
|
|
|
|
name "Local"
|
|
|
|
root_cn "Custom Local Root Name"
|
|
|
|
intermediate_cn "Custom Local Intermediate Name"
|
2022-01-18 22:18:31 +03:00
|
|
|
root {
|
|
|
|
cert /path/to/cert.pem
|
|
|
|
key /path/to/key.pem
|
|
|
|
format pem_file
|
|
|
|
}
|
|
|
|
intermediate {
|
|
|
|
cert /path/to/cert.pem
|
|
|
|
key /path/to/key.pem
|
|
|
|
format pem_file
|
|
|
|
}
|
2022-01-06 06:45:41 +03:00
|
|
|
}
|
|
|
|
ca foo {
|
|
|
|
name "Foo"
|
|
|
|
root_cn "Custom Foo Root Name"
|
|
|
|
intermediate_cn "Custom Foo Intermediate Name"
|
|
|
|
}
|
|
|
|
}
|
2021-06-07 21:18:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
a.example.com {
|
|
|
|
tls internal
|
|
|
|
}
|
2022-01-06 06:45:41 +03:00
|
|
|
|
|
|
|
acme.example.com {
|
|
|
|
acme_server {
|
|
|
|
ca foo
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
acme-bar.example.com {
|
|
|
|
acme_server {
|
|
|
|
ca bar
|
|
|
|
}
|
|
|
|
}
|
2021-06-07 21:18:49 +03:00
|
|
|
----------
|
|
|
|
{
|
|
|
|
"apps": {
|
|
|
|
"http": {
|
|
|
|
"servers": {
|
|
|
|
"srv0": {
|
|
|
|
"listen": [
|
|
|
|
":443"
|
|
|
|
],
|
|
|
|
"routes": [
|
2022-01-06 06:45:41 +03:00
|
|
|
{
|
|
|
|
"match": [
|
|
|
|
{
|
|
|
|
"host": [
|
|
|
|
"acme-bar.example.com"
|
|
|
|
]
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"handle": [
|
|
|
|
{
|
|
|
|
"handler": "subroute",
|
|
|
|
"routes": [
|
|
|
|
{
|
|
|
|
"handle": [
|
|
|
|
{
|
|
|
|
"ca": "bar",
|
|
|
|
"handler": "acme_server"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"terminal": true
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"match": [
|
|
|
|
{
|
|
|
|
"host": [
|
|
|
|
"acme.example.com"
|
|
|
|
]
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"handle": [
|
|
|
|
{
|
|
|
|
"handler": "subroute",
|
|
|
|
"routes": [
|
|
|
|
{
|
|
|
|
"handle": [
|
|
|
|
{
|
|
|
|
"ca": "foo",
|
|
|
|
"handler": "acme_server"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"terminal": true
|
|
|
|
},
|
2021-06-07 21:18:49 +03:00
|
|
|
{
|
|
|
|
"match": [
|
|
|
|
{
|
|
|
|
"host": [
|
|
|
|
"a.example.com"
|
|
|
|
]
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"terminal": true
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"pki": {
|
|
|
|
"certificate_authorities": {
|
2022-01-06 06:45:41 +03:00
|
|
|
"bar": {
|
|
|
|
"install_trust": false
|
|
|
|
},
|
|
|
|
"foo": {
|
|
|
|
"name": "Foo",
|
|
|
|
"root_common_name": "Custom Foo Root Name",
|
|
|
|
"intermediate_common_name": "Custom Foo Intermediate Name",
|
|
|
|
"install_trust": false
|
|
|
|
},
|
2021-06-07 21:18:49 +03:00
|
|
|
"local": {
|
2022-01-06 06:45:41 +03:00
|
|
|
"name": "Local",
|
|
|
|
"root_common_name": "Custom Local Root Name",
|
|
|
|
"intermediate_common_name": "Custom Local Intermediate Name",
|
2022-01-18 22:18:31 +03:00
|
|
|
"install_trust": false,
|
|
|
|
"root": {
|
|
|
|
"certificate": "/path/to/cert.pem",
|
|
|
|
"private_key": "/path/to/key.pem",
|
|
|
|
"format": "pem_file"
|
|
|
|
},
|
|
|
|
"intermediate": {
|
|
|
|
"certificate": "/path/to/cert.pem",
|
|
|
|
"private_key": "/path/to/key.pem",
|
|
|
|
"format": "pem_file"
|
|
|
|
}
|
2021-06-07 21:18:49 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"tls": {
|
|
|
|
"automation": {
|
|
|
|
"policies": [
|
2022-01-06 06:45:41 +03:00
|
|
|
{
|
|
|
|
"subjects": [
|
|
|
|
"acme-bar.example.com",
|
|
|
|
"acme.example.com"
|
|
|
|
]
|
|
|
|
},
|
2021-06-07 21:18:49 +03:00
|
|
|
{
|
|
|
|
"subjects": [
|
|
|
|
"a.example.com"
|
|
|
|
],
|
|
|
|
"issuers": [
|
|
|
|
{
|
|
|
|
"module": "internal"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2022-12-06 10:12:26 +03:00
|
|
|
}
|