1 #Master config file, must be in /etc/radsecproxy or proxy's current directory
2 # All possible config options are listed below
4 # You must specify at least one of TLSCACertificateFile or TLSCACertificatePath
5 # for TLS to work. We always verify peer certificate (both client and server)
6 #TLSCACertificateFile /etc/cacerts/CA.pem
7 TLSCACertificatePath /etc/cacerts
9 # You must specify the below for TLS, we will always present our certificate
10 TLSCertificateFile /etc/hostcertkey/host.example.com.pem
11 TLSCertificateKeyFile /etc/hostcertkey/host.example.com.key.pem
12 # Optionally specify password if key is encrypted (not very secure)
13 TLSCertificateKeyPassword follow the white rabbit
15 # You can optionally specify addresses and ports to listen on
16 # Max one of each, below are just multiple examples
19 #listenTCP 10.10.10.10:2084
20 #ListenTCP [2001:700:1:7:215:f2ff:fe35:307d]:2084
21 # Optional log level. 3 is default, 1 is less, 4 is more
23 #Optional LogDestinatinon, else stderr used for logging
25 #LogDestination file:///tmp/rp.log
26 # Or logging with Syslog. LOG_DAEMON used if facility not specified
27 # The supported facilities are LOG_DAEMON, LOG_MAIL, LOG_USER and
28 # LOG_LOCAL0, ..., LOG_LOCAL7
29 #LogDestination x-syslog://
30 #LogDestination x-syslog://log_local2