Add new configs to the doc

2020-08-11 18:51:41 -07:00 · 2020-08-11 18:51:41 -07:00 · 8d2fffba87
parent 3cb386cc0f
commit 8d2fffba87
1 changed files with 18 additions and 2 deletions
--- a/docs/administration.rst
+++ b/docs/administration.rst
@ -155,6 +155,22 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c

        LEMUR_ENCRYPTION_KEYS = ['1YeftooSbxCiX2zo8m1lXtpvQjy27smZcUUaGmffhMY=', 'LAfQt6yrkLqOK5lwpvQcT4jf2zdeTQJV1uYeh9coT5s=']

+.. data:: PUBLIC_CA_AUTHORITY_NAMES
+    :noindex:
+        A list of public issuers which would be checked against to determine whether limit of max validity of 397 days
+        should be applied to the certificate. Configure public CA authority names in this list to enforce validity check.
+        This is an optional setting. Using this will allow the sanity check as mentioned. The name check is a case-insensitive
+        string comparision.
+
+.. data:: PUBLIC_CA_MAX_VALIDITY_DAYS
+    :noindex:
+        Use this config to override the limit of 397 days of validity for certificates issued by public issuers configured
+        using PUBLIC_CA_AUTHORITY_NAMES. Below example overrides the default validity of 397 days and sets it to 365 days.
+
+    ::
+
+        PUBLIC_CA_MAX_VALIDITY_DAYS = 365
+

 .. data:: DEBUG_DUMP
    :noindex: