# Sample configuration of a ZoneZipFileServerSideSigner.
#

## General properties
WORKERGENID1.TYPE=PROCESSABLE
WORKERGENID1.IMPLEMENTATION_CLASS=org.signserver.module.dnssec.signer.ZoneZipFileServerSideSigner
WORKERGENID1.NAME=ZoneZipFileServerSideSigner
WORKERGENID1.AUTHTYPE=NOAUTH

# Crypto token
WORKERGENID1.CRYPTOTOKEN=CryptoTokenP12
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1KeyWrapping

# MIN_REMAINING_VALIDITY
# Minimum remaining time in seconds required to be able to re-use a previously signed record instead of resigning it.
WORKERGENID1.MIN_REMAINING_VALIDITY=1209600
#WORKERGENID1.MIN_REMAINING_VALIDITY=

# Signature algorithm
WORKERGENID1.SIGNATUREALGORITHM=
#WORKERGENID1.SIGNATUREALGORITHM=SHA256withRSA

# Prefix for the name of the ZSK keys to be used by the client call 
# (recommended convention is to use the zone name/workername with underscore and a "Z" to indicate ZSK).
#WORKERGENID1.ZSK_KEY_ALIAS_PREFIX=example.com_Z_
WORKERGENID1.ZSK_KEY_ALIAS_PREFIX=example.com_Z_

# List of pre-generated key signing keys (comma-separated).
# Should contain 1 or 2 entries
WORKERGENID1.ACTIVE_KSKS=example.com_K_1,example.com_K_2

# Fixed salt (for testing/troubleshooting)
#WORKERGENID1.NSEC3_SALT=6dcd4ce23d88e2ee
WORKERGENID1.NSEC3_SALT=

# Zone name to use
#
WORKERGENID1.ZONE_NAME=example.com.