# Address for the DNS server to listen on.
# The port should probably be 53.
# Can also be spelled "dns_listen_adr" for
# retro-compatibility.
dns_listen_addr = "192.0.2.91:53"

# A first account
# accounts are identified by
# their email and their private key
[[accounts]]
email= "contact@doma.in"
private_key_path = "priv_key.pem"

# A first certificate ordered for that account.
[[accounts.certificates]]
domains =  ["doma.in","*.doma.in"]
fullchain_output_file = "fullchain_A.pem"
key_output_file = "cert_key_A.pem"

# A second certificate ordered for that account,
[[accounts.certificates]]
domains =  ["examp.le","another.examp.le","and.a.completely.different.one"]
fullchain_output_file = "fullchain_B.pem"
key_output_file = "cert_key_B.pem"
# Renew certificate 21 days in advance of its expiration (defaults to 30 if omitted).
renewal_days_advance = 21 
# Re-use the existing private key.
# If no key is present at `key_output_file`, a new one will be generated. 
reuse_private_key = true

# A second account
[[accounts]]
email = "contact@foo.tld"
private_key_path = "priv_key_2.pem"

# The only certificate for that second account
[[accounts.certificates]]
domains = ["foo.tld","subdomain.foo.tld"]
fullchain_output_file = "fullchain2.pem"
key_output_file = "cert_key_2.pem"