The tls-certificate configuration variable

tls-certificate is the absolute file name of the TLS private key and signed certificate, e.g. /usr/local/archiveopteryx/imap.pem. If tls-certificate is not specified, tlsproxy generates a private key and a self-signed certificate at runtime and stores both in /usr/local/archiveopteryx/automatic-key.pem.

The certificate file should look roughly like this (except that your data will be longer):

-----BEGIN RSA PRIVATE KEY----- 23cN3BeSujIEvPTJzDolgi20V2tWOjd7P11kbU W9+jMQbb0SgAeLALWiyRx2geQM7mzlW67he/6A datxppoDdRGoQ5ZFAEuQAYrjAR3slgyqUqI1V0 3FVtX0BH+3RPxiaPclUw== -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- ui0hssq/1E1g417G94lWY2OoI87Dw4VKGOi39e zzM51+afeb+UfrYgWJ8UIbeD2lAoX7fk/T9u3o xbFsuegjQuDfzyXmFt5iyJIULKmLO6AlzGnnjF zp6Ov2DLmS5aRHMbcyT2nmppl7I7Nc9nMHy1mI OjznnKKjgOiKEo5es2l5jsQXdnUc5FuMfrzGYX lmqWjA4aa= -----END CERTIFICATE-----

tls-certificate is a string. Its default value is an empty string.

You can see its current value with the command aox show cf tls-certificate.

String syntax

Strings may be written as a single unquoted word or quoted with either single or double quotes, as shown in these three examples:

db-password = single.word
db-password = "rock'n'roll" # a 12-character password
db-password = 'two words, quoted' # a 17-character one

Only single-line strings can be used. Single-word strings may contain the characters a-z, A-Z, 0-9, dot, hyphen and slash.

Spaces are allowed at the start of the line, before and after '=', and after the value. Comments extend from '#' to the end of the line.

In case of questions, please write to info@aox.org.

About this page

Last modified: 2010-11-19
Location: aox.org/conf/tls-certificate