gatehouse-api/etc/ssh_ca.conf

[default]
# Certificate validity period (in hours)
cert_validity_hours=8

# Maximum certificate validity allowed (in hours)
max_cert_validity_hours=720

# CA private key path (required for local encryption mode)
ca_key_path=

# Certificate Field Limits
max_principals_per_cert=256
max_key_id_length=255

# Verification challenge max age (in hours)
verification_challenge_max_age=24

# Cleanup: delete unverified SSH keys after this many days
auto_delete_unverified_days=30

[development]
ca_key_path=${SSH_CA_KEY_PATH}
cert_validity_hours=24

[production]
cert_validity_hours=8

[testing]
cert_validity_hours=8