default (complex) | |
---|---|
Default: None | |
The certificate to show to the peer if no matching hostname is found in hostname_certificate_map .
|
hostname_certificate_map (complex) | |
---|---|
Default: n/a | |
A hash containing a matcher-certificate map. Each element of the hash contains a matcher and a certificate:
if a matcher matches the hostname in the SNI request, the certificate is showed to the peer.
You can use any matcher policy, though in most cases, RegexpMatcher will be adequate.
Different elements of the hash can use different types of matchers, for example, RegexpMatcher and RegexpFileMatcher.
For details on matcher policies, see Section 5.8, Module Matcher.
hostname_certificate_map={ RegexpMatcher( match_list=("myfirstdomain.example.com", )): StaticCertificate( certificates=(Certificate.fromFile( certificate_file_path="/etc/key.d/myfirstdomain/cert.pem", private_key=PrivateKey.fromFile( "/etc/key.d/myfirstdomain/key.pem")),)),} |
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu