################################################################################
# SSL Options
#
# Please refer to the python ssl module for details


# Key file to use:
#ssl-key = /path/to/keyfile
ssl-key = 

# Certifcate file to use:
#ssl-cert = /path/to/cert
ssl-cert = 

# Specifies which version of the SSL protocol to use:
#ssl-protocol = SSLv23
#ssl-protocol = TLSv1_2

# The ca_certs file contains a set of concatenated 'certification authority' certificates:
#ssl-ca-certs = default
#ssl-ca-certs = /path/to/cacertfile
#ssl-ca-certs = /path/to/cacertsdir/

# Whether to try to verify the client's certificates
# and how to behave if verification fails:
#ssl-client-verify-mode = none
#ssl-client-verify-mode = optional
#ssl-client-verify-mode = required
ssl-client-verify-mode = optional

# Whether to try to verify the server's certificates
# and how to behave if verification fails:
#ssl-server-verify-mode = none
#ssl-server-verify-mode = optional
#ssl-server-verify-mode = required
ssl-server-verify-mode = required

# Whether to match the peer cert's hostname:
ssl-check-hostname = off

# Server hostname to check for:
ssl-server-hostname = localhost


# The following options require Python 2.7.9 or later:

# The flags for certificate verification operations:
#ssl-verify-flags = DEFAULT
#ssl-verify-flags = CRL_CHECK_LEAF
#ssl-verify-flags = CHECK_CHAIN
ssl-verify-flags = X509_STRICT

# Sets the available ciphers for this SSL object:
#ssl-ciphers = ALL
#ssl-ciphers = HIGH
ssl-ciphers = DEFAULT

# Set of SSL options enabled on this context:
#ssl-options = ALL
#ssl-options = OP_NO_TLSv1,NO_COMPRESSION
ssl-options = ALL,NO_COMPRESSION