tlshd.conf - tlshd configuration file

Author

Chuck Lever 20 Oct 2022 tlshd.conf(5)

Description

The tlshd program implements a user agent that services TLS handshake requests on behalf of kernel TLS consumers. Its configuration file contains information that the program reads when it starts up. The file is designed to be human readable and contains a list of keywords with values that provide various types of information. The configuration file is considered a trusted source of information. The tlshd program reads this file once when it is launched. Thus changes made in this file take effect only when the tlshd program is restarted. If this file does not exist, the tlshd program exits immediately.

Name

tlshd.conf - tlshd configuration file

Options

The configuration file is split into sections.

The [debug] section specifies debugging settings for the tlshd program. In this section, there are three available options:

loglevel
    This option specifies an integer which indicates the debug message level. Zero, the quietest setting, is the default.

tls
    This option specifies an integer which indicates the debug message level for TLS library calls. Zero, the quietest setting, is the default.

nl
    This option specifies an integer which indicates the debug message level for netlink library calls. Zero, the quietest setting, is the default.

The [authenticate] section specifies default authentication material when establishing TLS sessions. In this section, there is one available option:

keyrings
    This option specifies a semicolon-separated list of auxiliary keyrings that contain handshake authentication tokens. tlshd links these keyrings into its session keyring. The configuration file may specify either a keyring's name or serial number. The default is to provide no keyring.

And, in this section, there are two subsections: [client] and [server]. The tlshd program consults the settings in the [client] subsection when handling the client end of a handshake, and it consults the settings in the [server] subsection when handling the server end of a handshake.

In each of these two subsections, there are three available options:

x509.truststore
    This option specifies the pathname of a file containing a PEM-encoded trust store that is to be used to verify a certificate during a handshake. If this option is not specified, tlshd uses the system's trust store.

x509.certificate
    This option specifies the pathname of a file containing a PEM-encoded X.509 certificate that is to be presented during a handshake request when no other certificate is available.

x509.private_key
    This option specifies the pathname of a file containing a PEM-encoded private key associated with the above certificate.
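Because tlshd treats this file as trusted and it points at private key material, a pre-restart audit is worth scripting. The following is an added example, not part of tlshd or this manual page; it assumes `key=value` lines and that the subsections are written as `[authenticate.client]` and `[authenticate.server]` headers, and the function names and sample files are constructed for illustration.

```python
import configparser, os, stat, tempfile

SECTIONS = ("authenticate.client", "authenticate.server")  # assumed header spelling
PATH_OPTS = ("x509.truststore", "x509.certificate", "x509.private_key")

def audit_tlshd_conf(path):
    """Return a list of findings for the tlshd.conf at `path`."""
    if not os.path.isfile(path):
        return [f"{path}: missing, tlshd exits immediately without it"]
    findings = []
    # The file is a trusted input, so only its owner should be able to change it.
    if os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: writable by group or other")
    cp = configparser.ConfigParser(interpolation=None)
    cp.read(path)
    for opt in ("loglevel", "tls", "nl"):
        if cp.get("debug", opt, fallback="0").strip() != "0":
            findings.append(f"[debug] {opt}: debug output enabled")
    for sec in SECTIONS:
        paths = {o: cp.get(sec, o, fallback="").strip() for o in PATH_OPTS}
        if bool(paths["x509.certificate"]) != bool(paths["x509.private_key"]):
            findings.append(f"[{sec}] certificate and private key not set as a pair")
        for opt, p in paths.items():
            if not p:
                continue
            if not os.path.isfile(p):
                findings.append(f"[{sec}] {opt}: {p} is not an existing file")
            elif opt == "x509.private_key" and os.stat(p).st_mode & 0o077:
                findings.append(f"[{sec}] {opt}: {p} accessible to group or other")
    return findings

def demo():
    """Audit a constructed config in a temp dir (sample data, not a real host)."""
    d = tempfile.mkdtemp()
    cert, key, conf = (os.path.join(d, n) for n in ("srv.pem", "srv.key", "tlshd.conf"))
    for p, mode in ((cert, 0o644), (key, 0o644)):  # key mode is deliberately loose
        open(p, "w").close()
        os.chmod(p, mode)
    with open(conf, "w") as f:
        f.write("[debug]\nloglevel=1\n\n[authenticate.server]\n"
                f"x509.certificate={cert}\nx509.private_key={key}\n")
    os.chmod(conf, 0o644)
    return audit_tlshd_conf(conf)

if __name__ == "__main__":
    print("\n".join(demo()))
```

Run `audit_tlshd_conf("/etc/tlshd.conf")` before restarting tlshd, since changes to the file take effect only at restart.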

See Also

tlshd(8)

Synopsis

/etc/tlshd.conf
