# # ssl_multicert.config # # Allows a TLS certificate and private key to be tied to a specific # hostname or IP address. At load time, the certificate is parsed to # extract the subject CN and all the DNS subjectAltNames. The # certificate will be presented for connections requesting any of the # hostnames found in the certificate. Wildcard names are supported, # but only of the form '*.domain.com', ie. where '*' is the leftmost # domain component. # # The certificate file path, CA path and key path specified in # records.config will be used for all certificates, CAs and keys # specified here. # # Fields: # # dest_ip=ADDRESS # The IP (v4 or v6) address that the certificate should be presented # on. This is now only used as a fallback in the case that the TLS # SubjectNameIndication extension is not supported. If ADDRESS is # '*', the certificate will be used as the default fallback if no # other match can be made. # # ssl_key_name=FILENAME # The name of the file containg the private key for this certificate. # If the key is contained in the certificate file, this field can be # omitted. # # ssl_ca_name=FILENAME # If your certificates have different Certificate Authorities, you # can optionally specify the corresponding file here. # # ssl_cert_name=FILENAME # The name of the file containing the TLS certificate. This is the # only field that is required to be present. # # Examples: # ssl_cert_name=foo.pem # dest_ip=* ssl_cert_name=bar.pem ssl_key_name=barKey.pem # dest_ip=209.131.48.79 ssl_cert_name=server.pem ssl_key_name=serverKey.pem