#Master config file, must be in /etc/radsecproxy or proxy's current directory
#	All possible config options are listed below
#
# You must specify at least one of TLSCACertificateFile or TLSCACertificatePath
# for TLS to work. We always verify peer certificate (both client and server)
#TLSCACertificateFile    /etc/cacerts/CA.pem
TLSCACertificatePath	/etc/cacerts

# You must specify the below for TLS, we will always present our certificate
TLSCertificateFile	/etc/hostcertkey/host.example.com.pem
TLSCertificateKeyFile	/etc/hostcertkey/host.example.com.key.pem
# Optionally specify password if key is encrypted (not very secure)
TLSCertificateKeyPassword	follow the white rabbit

# You can optionally specify addresses and ports to listen on
#	Max one of each, below are just multiple examples
#ListenUDP		*:1814
#listenUDP		localhost
#listenTCP		10.10.10.10:2084
#ListenTCP		[2001:700:1:7:215:f2ff:fe35:307d]:2084
# Optional log level. 2 is default, 1 is less, 3 is more
#LogLevel		2
#Optional LogDestinatinon, else stderr used for logging
# Logging to file
#LogDestination		file:///tmp/rp.log
# Or logging with Syslog. LOG_DAEMON used if facility not specified
# The supported facilities are LOG_DAEMON, LOG_MAIL, LOG_USER and
# LOG_LOCAL0, ..., LOG_LOCAL7
#LogDestination         x-syslog://
#LogDestination         x-syslog://log_local2