Skip to main content

Autocert Directory

  • Environmental Variable: AUTOCERT_DIR
  • Config File Key: autocert_dir
  • Type: string pointing to the path of the directory, or a URL to an S3 or GCS bucket.
  • Optional
  • Default:
    • /data/autocert in published Pomerium Docker images
    • /etc/pomerium/ in published Pomerium os packages like Ubuntu and RHEL. These need to be manually overwritten using environmental variables.
    • $XDG_DATA_HOME
    • $HOME/.local/share/pomerium

Autocert directory is the path which Autocert will store X.509 certificate data.

S3 Bucket

An S3 bucket can be used as storage by using a URL like:

autocert_dir: s3://your-bucket.s3.us-east-1.amazonaws.com/some/prefix

Credentials are sourced from the environment.

GCS Bucket

A Google Cloud Storage bucket can be used as storage by using a URL like:

autocert_dir: gs://your-bucket/some/prefix

Credentials are sourced from Google Application Default Credentials.