# settings related to Transport Layer Security (TLS) certificates and keys

# Configure public PCP certificate and private key
#
#tls-key-file = /etc/pcp/tls/pcp.key
#tls-cert-file = /etc/pcp/tls/pcp.crt

# Configure a CA certificate(s) bundle or directory to authenticate TLS/SSL
# clients and peers.  PCP requires an explicit configuration of at least one
# of these, and will not implicitly use the system wide configuration.
#
#tls-ca-cert-file = /etc/pcp/tls/ca.crt
##tls-ca-cert-dir = /etc/ssl/certs

# Configure allowed ciphers.  See the ciphers(1ssl) manpage for more information
# about the syntax of this string.
#
# Note: this configuration applies only to <= TLSv1.2.
#
##tls-ciphers = DEFAULT:!MEDIUM

# Configure allowed TLSv1.3 ciphersuites.  See the ciphers(1ssl) manpage for more
# information about the syntax of this string, and specifically for TLSv1.3
# ciphersuites.
#
##tls-ciphersuites = TLS_CHACHA20_POLY1305_SHA256

# Configure client certificate verification, default is server checking only.
#
##tls-verify-clients = true