2 files changed, 14 insertions, 3 deletions

diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 641f006..c0a0096 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -51,7 +51,10 @@ type CA struct {
 	// and Mozilla Firefox trust stores. Default: true.
 	InstallTrust *bool `json:"install_trust,omitempty"`
 
-	Root         *KeyPair `json:"root,omitempty"`
+	// The root certificate to use; if empty, one will be generated.
+	Root *KeyPair `json:"root,omitempty"`
+
+	// The intermediate (signing) certificate; if empty, one will be generated.
 	Intermediate *KeyPair `json:"intermediate,omitempty"`
 
 	// Optionally configure a separate storage module associated with this
diff --git a/modules/caddypki/crypto.go b/modules/caddypki/crypto.go
index e701c40..e1a0e35 100644
--- a/modules/caddypki/crypto.go
+++ b/modules/caddypki/crypto.go
@@ -120,9 +120,17 @@ func trusted(cert *x509.Certificate) bool {
 // KeyPair represents a public-private key pair, where the
 // public key is also called a certificate.
 type KeyPair struct {
+	// The certificate. By default, this should be the path to
+	// a PEM file unless format is something else.
 	Certificate string `json:"certificate,omitempty"`
-	PrivateKey  string `json:"private_key,omitempty"`
-	Format      string `json:"format,omitempty"`
+
+	// The private key. By default, this should be the path to
+	// a PEM file unless format is something else.
+	PrivateKey string `json:"private_key,omitempty"`
+
+	// The format in which the certificate and private
+	// key are provided. Default: pem_file
+	Format string `json:"format,omitempty"`
 }
 
 // Load loads the certificate and key.