[security]
# random key for CSRF protection, must be 32 bytes, generate with openssl rand -base64 32
csrf.key = "32-byte-long-random-base64-encoded-key"
# CA certificates that are accepted to sign client certificates
client.ca-file = "client.cas.pem"

[server]
# server name
name = "idp.cacert.org"
# server IP address
bind_address = "127.0.0.1"
# server port
port = 3443
# server TLS X.509 certificate in PEM format
certificate = "server.crt.pem"
# private key for TLS
key = "server.key.pem"

[admin]
# URL to ORY Hydra admin endpoint URL
url = "https://hydra:4445"