#
# ssl_multicert.config
#
# Allows a TLS certificate and private key to be tied to a specific
# hostname or IP address. At load time, the certificate is parsed to
# extract the subject CN and all the DNS subjectAltNames.  The
# certificate will be presented for connections requesting any of the
# hostnames found in the certificate. Wildcard names are supported,
# but only of the form '*.domain.com', ie. where '*' is the leftmost
# domain component.
#
# The certificate file path, CA path and key path specified in
# records.config will be used for all certificates, CAs and keys
# specified here.
#
# Fields:
#
# dest_ip=ADDRESS
#   The IP (v4 or v6) address that the certificate should be presented
#   on. This is now only used as a fallback in the case that the TLS
#   SubjectNameIndication extension is not supported. If ADDRESS is
#   '*', the certificate will be used as the default fallback if no
#   other match can be made.
#
# ssl_key_name=FILENAME
#   The name of the file containg the private key for this certificate.
#   If the key is contained in the certificate file, this field can be
#   omitted.
#
# ssl_ca_name=FILENAME
#   If your certificates have different Certificate Authorities, you
#   can optionally specify the corresponding file here.
#
# ssl_cert_name=FILENAME
#   The name of the file containing the TLS certificate. This is the
#   only field that is required to be present.
#
# Examples:
#   ssl_cert_name=foo.pem
#   dest_ip=*	ssl_cert_name=bar.pem ssl_key_name=barKey.pem
#   dest_ip=209.131.48.79	ssl_cert_name=server.pem ssl_key_name=serverKey.pem