Initial post of Configuration content.

Peter Hamilton 2016-12-01 15:15:03 -05:00
parent a98ab686d6
commit 492030d1db

Configuration.md Normal file

@ -0,0 +1,50 @@
By default, the PyKMIP client and server look in `/etc/pykmip` for their configuration files. This directory will not be created during install, so you will need to create it yourself. However, example client and server configuration files, named `pykmip.conf` and `server.conf` respectively, are provided under the examples directory in the PyKMIP repository to help get you started.
Client Configuration
The `pykmip.conf` file contains one or more client configuration sections defining the information the client needs to successfully establish a TLS connection with a KMIP appliance. This configuration section looks like this:
[client]
host=127.0.0.1
port=5696
keyfile=/etc/pykmip/certs/client_private_key.pem
certfile=/etc/pykmip/certs/client_cert.pem
cert_reqs=CERT_REQUIRED
ssl_version=PROTOCOL_SSLv23
ca_certs=/etc/pykmip/certs/server_ca_cert.pem
do_handshake_on_connect=True
suppress_ragged_eofs=True
username=example_username
password=example_password
The "[client]" line at the beginning is the name or label of the configuration block. You can change this label to be whatever you want, which is useful if you have multiple KMIP appliances you need to connect to. For example:
[test]
...
[production]
...
To properly connect with your KMIP appliance, you will need to work with the appliance administrator to get the proper network settings (`host` and `port`) and the right certificate files (`certfile`, `keyfile`, and `ca_certs`), otherwise you will not be able to connect. The username and password values may or may not be needed, depending on the appliance's security policy; if they are not needed, just leave them blank:
[client]
...
username=
password=
All of the other settings you can leave as is, unless told otherwise by your networking or appliance administrator. These settings are used to properly set up the client's TLS connection to the appliance. Modifying these improperly may weaken the security of the TLS connection.
Server Configuration
The `server.conf` file contains the server configuration section defining the information the server needs to successfully establish TLS connections with clients. This configuration section looks like this:
[server]
hostname=127.0.0.1
port=5696
certificate_path=/etc/pykmip/certs/server_cert.pem
key_path=/etc/pykmip/certs/server_private_key.pem
ca_path=/etc/pykmip/certs/server_ca_cert.pem
auth_suite=Basic
policy_path=/etc/pykmip/policies
Each of these options is explained further in the project README (see Server/Configuration). Unlike the client configuration file, the server only expects to find one configuration section in the configuration file. It must be named `[server]` so do not change it when setting up `/etc/pykmip`.
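Review bot: The `[client]` example sets `ssl_version=PROTOCOL_SSLv23`, and the paragraph after it tells readers to leave the remaining settings as is, but nothing in the page says what that value means. In Python's `ssl` module that constant negotiates the highest protocol version both peers support rather than pinning one, so the effective minimum depends on the local Python and OpenSSL build. Suggest adding a sentence that states this and tells readers to confirm the required minimum protocol version with the appliance administrator. Separately, the same example puts `password=example_password` and the `keyfile` path in a file under `/etc/pykmip` with no mention of file permissions; a line advising that `pykmip.conf` and the private key files be readable only by the account running the client (and likewise `key_path` for the server) would close that gap.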