# PKI role definition. The key names match the role parameters of the
# HashiCorp Vault PKI secrets engine; the consumer is not visible in this
# file -- confirm.

# Mount that owns this role.
# NOTE(review): the name suggests the root CA mount. If so, certificates
# requested through this role are signed directly by the root key rather
# than by an intermediate -- confirm this is intended.
backend: "pki_root"

# --- Which names may appear in a certificate ---
# Only these domains are permitted (allow_any_name is false below).
allowed_domains:
  - "unkin.net"
  - "unkin.local"
# Subdomains of the entries above are accepted as well.
allow_subdomains: true
# The listed domains themselves (e.g. "unkin.net") may also be requested.
allow_bare_domains: true
# Entries in allowed_domains are not treated as glob patterns.
allow_glob_domains: false
# Keep the allowed_domains restriction in force.
allow_any_name: false
# Hostname-syntax validation of CN / DNS SANs is switched off.
# NOTE(review): Vault's default is true; confirm the relaxation is needed.
enforce_hostnames: false
# IP SANs may be requested.
# NOTE(review): in Vault, IP SANs are only checked for being valid IP
# addresses, not against allowed_domains, so any client allowed to use this
# role can request any IP. Restrict who can reach the role accordingly.
allow_ip_sans: true

# --- CSR handling (applies when signing a client-supplied CSR) ---
# Take the common name from the CSR instead of the request parameters.
use_csr_common_name: true
# Take the SANs from the CSR as well.
use_csr_sans: true

# --- Lifetime and key parameters ---
# Upper bound on certificate lifetime: 31536000 s = 365 days.
max_ttl: 31536000  # 8760h in seconds
# NOTE(review): key_type is not set here; if the consumer defaults to RSA
# this means RSA-2048 -- confirm it meets the current key-size policy.
key_bits: 2048

# --- Subject fields ---
# No Country (C) values are set on issued subjects.
country: []