---

# letsencrypt_key_size: 4096
# letsencrypt_renew_days: 30
# Can be rsa, prime256v1 or secp384r1
# letsencrypt_key_algo: rsa
# letsencrypt_auto_renew: True
# letsencrypt_revoke_old_certs: False
#
letsencrypt_challenge: http
# If you want to use dns-01 challenges
# letsencrypt_challenge: dns
# letsencrypt_dns_provider: gandi
# letsencrypt_dns_provider_options: '--api-protocol=rest'
# letsencrypt_dns_auth_token: XXXX
#
# letsencrypt_certs:
#   - common_name: www.domain.org
#     alt_names:
#       - www1.domain.org
#       - m.domain.org
#       - foo.domain.org
#   - common_name: mail.domain.com
#   - common_name: ldap.domain.com
#     alt_names:
#       - directory.domain.com

...