-
Notifications
You must be signed in to change notification settings - Fork 1
/
ca.json
40 lines (40 loc) · 1.39 KB
/
ca.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
{ "address": "{{.Env.SRA_BIND}}",
"dnsNames": [{{.Env.SRA_DNS}}],
"db": {
"type": "mysql",
"dataSource": "{{.Env.SRA_DB_USER}}:{{.Env.SRA_DB_PASS}}@tcp({{.Env.SRA_DB_HOST}}:3306)/",
"database": "{{.Env.SRA_DATABASE}}" },
"logger": {"format": "text"},
"authority": {
"type": "stepcas",
"certificateAuthority": "{{.Env.STEP_CA_URL}}",
"certificateAuthorityFingerprint": "{{.Env.STEP_CA_FINGERPRINT}}",
"certificateIssuer": {
"type" : "jwk",
"provisioner": "{{.Env.STEP_CA_PROVISIONER}}"
},
"provisioners": [{
"type": "ACME",
"name": "acme",
"forceCN": true,
"claims": {
"maxTLSCertDuration": "4320h0m0s",
"defaultTLSCertDuration": "2160h0m0s" } }]
},
"tls": {
"cipherSuites": [
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305" ],
"minVersion": 1.2,
"maxVersion": 1.3,
"renegotiation": false } }