gocsaf/docs/examples/provider_config.toml

# Set the authentication password for accessing the CSAF provider.
# It is essential that you set a secure password between the quotation marks.
# The default being no password set.
#password = ""

# Set the path to the public OpenPGP key.
#openpgp_public_key = "/etc/csaf/openpgp_public.asc"

# Set the path to the private OpenPGP key.
#openpgp_private_key = "/etc/csaf/openpgp_private.asc"

# Specify the root folder.
#folder = "/var/www/"

# Specify the web folder.
#web = "/var/www/html"

# Allow sending a signature with the request.
# An additional input-field in the web interface will be shown
# to let user enter an ascii armored OpenPGP signature.
#upload_signature = false

# Set the beginning of the URL where contents are accessible from the internet.
# If not set, the provider will read from the $SERVER_NAME variable.
# The following shows an example of a manually set prefix:
#canonical_url_prefix  = https://localhost

# Require users to use a password and a valid Client Certificate for write access.
#certificate_and_password = false

# Allow the user to send the request without having to send a passphrase
# to unlock the the OpenPGP key.
# If set to true, the input-field in the web interface will be omitted.
#no_passphrase = false

# Make the provider skip the validation of the uploaded CSAF document
# against the JSON schema.
#no_validation = false

# Disable the experimental web interface.
#no_web_ui = true

# Make the provider take the publisher from the CSAF document.
#dynamic_provider_metadata = false

# Set the upload limit size of a file in bytes.
# The default is equivalent to 50 MiB.
#upload_limit =  52428800

# Set the issuer of the CA.
# If set, the provider restricts the writing permission and the
# access to the web-interface to users with the client certificates
# signed with this CA.
# The following shows an example. As default, none is set.
#issuer = "Example Company"

# Make the provider write/update index.txt and changes.csv.
#write_indices = false

# Make the provider write a `CSAF:` entry into `security.txt`.
#write_security = false

# Set the TLP allowed to be send with the upload request
# (one or more of "csaf", "white", "amber", "green", "red").
# The "csaf" entry lets the provider take the value from the CSAF document.
# These affect the list items in the web interface.
#tlps = ["csaf", "white", "amber", "green", "red"]`

# Make the provider create a ROLIE service document.
#create_service_document = false

# Make the provider create a ROLIE category document from a list of strings.
# If a list item starts with `expr:`
#   the rest of the string is used as a JsonPath expression
#   to extract a string from the incoming advisories.
# Strings not starting with `expr:` are taken verbatim.
# By default no category documents are created.
# This example provides an overview over the syntax,
# adjust the parameters depending on your setup.
#categories = ["Example Company Product A", "expr:document.lang"]

# Make the provider use a remote validator service. Not used by default.
# This example provides an overview over the syntax,
# adjust the parameters depending on your setup.
#[remote_validator]
#url = "http://localhost:8082"
#presets = ["mandatory"]
#cache = "/var/lib/csaf/validations.db"

[provider_metadata]
# Indicate that aggregators can list us.
list_on_CSAF_aggregators = true
# Indicate that aggregators can mirror us.
mirror_on_CSAF_aggregators = true

# Set the publisher details.
[provider_metadata.publisher]
category = "vendor"
name = "Example Company"
namespace = "https://example.com"
issuing_authority = "We at Example Company are responsible for publishing and maintaining Product Y."
contact_details = "Example Company can be reached at contact_us@example.com, or via our website at https://www.example.com/contact."