tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem
tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key
-tls_ocsp_file = CDIR/server1.example.com/server1.example.com.ocsp.good.resp
tls_require_ciphers = OPTION
tls_resumption_hosts = 127.0.0.1
logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
logwrite = peer cert verified\t${tls_in_certificate_verified}
logwrite = peer dn\t${tls_in_peerdn}
- logwrite = ocsp\t${tls_in_ocsp}
logwrite = cipher\t${tls_in_cipher}
logwrite = bits\t${tls_in_bits}
accept
logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
logwrite = peer cert verified\t${tls_out_certificate_verified}
logwrite = peer dn\t${tls_out_peerdn}
- logwrite = ocsp\t${tls_out_ocsp}
logwrite = cipher\t${tls_out_cipher}
logwrite = bits\t${tls_out_bits}
hosts = 127.0.0.1
port = PORT_D
helo_data = helo.data.changed
+.ifdef HELO_MSG
+ host_name_extract = HELO_MSG
+.endif
.ifdef VALUE
tls_resumption_hosts = *
.else