| options/nixos/services.bacula-sd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| options/nixos/services.bacula-fd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| options/nixos/services.kanidm.serverSettings.tls_key | TLS key in pem format.
|
| options/nixos/services.tlsrpt.enable | Whether to enable the TLSRPT services.
|
| options/nixos/services.dolibarr.h2o.tls.identity.*.certificate-file | Path to certificate file
|
| options/nixos/virtualisation.podman.networkSocket.tls.cert | Path to certificate describing the server.
|
| options/nixos/services.nvme-rs.settings.email.use_tls | Use TLS for SMTP connection
|
| options/nixos/services.kanidm.server.settings.tls_key | TLS key in pem format.
|
| options/nixos/services.wstunnel.clients.<name>.tlsVerifyCertificate | Whether to verify the TLS certificate of the server
|
| options/nixos/services.kanidm.serverSettings.tls_chain | TLS chain in pem format.
|
| options/nixos/services.kanidm.server.settings.tls_chain | TLS chain in pem format.
|
| options/nixos/virtualisation.podman.networkSocket.tls.key | Path to the private key corresponding to the server certificate
|
| options/nixos/virtualisation.podman.networkSocket.tls.cacert | Path to CA certificate to use for client authentication.
|
| options/nixos/services.kubernetes.apiserver.tlsKeyFile | Kubernetes apiserver private key file.
|
| packages/nixpkgs/perl538Packages.NetSMTPTLS | SMTP client supporting TLS and AUTH |
| packages/nixpkgs/perl540Packages.NetSMTPTLS | SMTP client supporting TLS and AUTH |
| options/nixos/services.tlsrpt.package | The tlsrpt-reporter package to use.
|
| options/nixos/services.kubernetes.apiserver.tlsCertFile | Kubernetes apiserver certificate file.
|
| options/home-manager/accounts.email.accounts.<name>.smtp.tls.certificatesFile | Path to file containing certificate authorities that should
be used to validate the connection authenticity
|
| options/home-manager/accounts.email.accounts.<name>.imap.tls.certificatesFile | Path to file containing certificate authorities that should
be used to validate the connection authenticity
|
| options/home-manager/programs.senpai.config.address | The address (host[:port]) of the IRC server. senpai uses TLS
connections by default unless you specify tls option to be false
|
| options/nixos/services.cloudflared.tunnels.<name>.originRequest.tlsTimeout | Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
|
| options/nixos/services.headscale.settings.tls_letsencrypt_listen | When HTTP-01 challenge is chosen, letsencrypt must set up a
verification endpoint, and it will be listening on:
:http = port 80.
|
| options/nixos/services.resolved.dnsovertls | If set to
"true":
all DNS lookups will be encrypted
|
| options/nixos/services.matrix-synapse.workers.<name>.worker_listeners.*.tls | Whether to enable TLS on the listener socket.
This option will be ignored for UNIX domain sockets.
|
| packages/nixpkgs/hitch | Libev-based high performance SSL/TLS proxy by Varnish Software |
| options/nixos/services.postfix.settings.main.smtpd_tls_security_level | The server TLS security level
|
| options/nixos/services.postfix.tlsTrustedAuthorities | File containing trusted certification authorities (CA) to verify certificates of mailservers contacted for mail delivery
|
| options/nixos/services.prometheus.remoteRead.*.tls_config | Configures the remote read request's TLS settings.
|
| options/nixos/services.prometheus.remoteWrite.*.tls_config | Configures the remote write request's TLS settings.
|
| options/nixos/services.listmonk.database.settings.smtp.*.tls_type | Type of TLS authentication with the SMTP server
|
| options/nixos/services.postfix-tlspol.enable | Whether to enable postfix-tlspol.
|
| options/nixos/services.prometheus.alertmanagerGotify.gotifyEndpoint.tls | If your gotify endpoint uses https, leave this option set to default
|
| options/nixos/services.kubernetes.controllerManager.tlsKeyFile | Kubernetes controller-manager private key file.
|
| options/nixos/services.kubernetes.controllerManager.tlsCertFile | Kubernetes controller-manager certificate file.
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config | Configures the scrape request's TLS settings.
|
| options/nixos/services.postfix-tlspol.package | The postfix-tlspol package to use.
|
| options/nixos/services.postfix.settings.main.smtp_tls_security_level | The client TLS security level.
Use dane with a local DNSSEC validating DNS resolver enabled.
https://www.postfix.org/postconf.5.html#smtp_tls_security_level
|
| options/nixos/services.tlsrpt.reportd.extraFlags | List of extra flags to pass to the tlsrpt-reportd executable
|
| options/nixos/users.ldap.useTLS | If enabled, use TLS (encryption) over an LDAP (port 389)
connection
|
| options/nixos/services.headscale.settings.tls_cert_path | Path to already created certificate.
|
| options/nixos/services.tlsrpt.fetcher.settings | Flags from tlsrpt-fetcher(1) as key-value pairs.
|
| options/nixos/services.tlsrpt.reportd.settings | Flags from tlsrpt-reportd(1) as key-value pairs.
|
| options/nixos/services.go-camo.sslKey | Path to TLS private key.
|
| options/nixos/services.headscale.settings.tls_key_path | Path to key for already created certificate.
|
| options/nixos/services.postfix-tlspol.settings | The postfix-tlspol configuration file as a Nix attribute set
|
| options/nixos/services.tlsrpt.collectd.extraFlags | List of extra flags to pass to the tlsrpt-reportd executable
|
| options/nixos/services.go-camo.sslCert | Path to TLS certificate.
|
| options/nixos/services.doh-server.settings.upstream | Upstream DNS resolver
|
| options/nixos/services.tlsrpt.configurePostfix | Whether to configure permissions to allow integration with Postfix.
|
| options/nixos/services.scrutiny.settings.web.influxdb.tls.insecure_skip_verify | Whether to enable skipping TLS verification when connecting to InfluxDB.
|
| options/nixos/services.tlsrpt.collectd.settings | Flags from tlsrpt-collectd(1) as key-value pairs.
|
| options/nixos/services.tlsrpt.reportd.settings.dbname | Path to the sqlite database.
|
| options/nixos/services.h2o.defaultTLSRecommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| options/nixos/services.tlsrpt.fetcher.settings.storage | Path to the collectd sqlite database.
|
| options/nixos/services.postfix-tlspol.settings.server.log-level | Log level
|
| options/nixos/services.invidious.nginx.enable | Whether to configure nginx as a reverse proxy for Invidious
|
| options/nixos/services.postfix-tlspol.settings.server.cache-file | Path to the cache file.
|
| options/nixos/services.tlsrpt.collectd.settings.storage | Storage backend definition.
|
| options/nixos/services.postfix-tlspol.configurePostfix | Whether to configure the required settings to use postfix-tlspol in the local Postfix instance.
|
| options/nixos/services.coturn.dh-file | Use custom DH TLS key, stored in PEM format in the file.
|
| options/nixos/services.uhub.<name>.enableTLS | Whether to enable TLS support.
|
| options/nixos/services.tlsrpt.reportd.settings.fetchers | Comma-separated list of fetcher programs that retrieve collectd data.
|
| options/nixos/services.molly-brown.keyPath | Path to TLS key
|
| options/nixos/services.postfix-tlspol.settings.dns.address | IP and port to your DNS resolver
|
| options/nixos/services.resolved.settings.Resolve.DNSOverTLS | Whether to use TLS encryption for DNS queries
|
| options/nixos/services.postfix-tlspol.settings.server.address | Path or address/port where postfix-tlspol binds its socket to.
|
| options/nixos/services.cfssl.mutualTlsCa | Mutual TLS - require clients be signed by this CA.
|
| options/nixos/services.tlsrpt.reportd.settings.log_level | Level of log messages to emit.
|
| options/nixos/services.tlsrpt.fetcher.settings.log_level | Level of log messages to emit.
|
| options/nixos/services.prometheus.exporters.imap-mailstat.accounts.<name>.starttls | set to true for using STARTTLS to start a TLS connection
|
| options/nixos/services.cfssl.mutualTlsCn | Mutual TLS - regex for whitelist of allowed client CNs.
|
| options/nixos/services.skydns.etcd.caCert | Skydns path of TLS certificate authority public key.
|
| options/nixos/services.nginx.sslCiphers | Ciphers to choose from when negotiating TLS handshakes.
|
| options/nixos/services.ncps.cache.redis.useTLS | Use TLS for Redis connection.
|
| options/nixos/services.tlsrpt.collectd.settings.log_level | Level of log messages to emit.
|
| options/nixos/services.postfix-tlspol.settings.server.prefetch | Whether to prefetch DNS records when the TTL of a cached record is about to expire.
|
| options/nixos/services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config | TLS configuration.
|
| packages/nixpkgs/testssl | CLI tool to check a server's TLS/SSL capabilities |
| options/nixos/services.ddclient.ssl | Whether to use SSL/TLS to connect to dynamic DNS provider.
|
| options/nixos/services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config | Configures the scrape request's TLS settings.
|
| options/nixos/services.prometheus.remoteRead.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| options/nixos/services.postfix.enableSubmissions | Whether to enable the submissions service configured in master.cf
|
| options/nixos/services.stunnel.enable | Whether to enable the stunnel TLS tunneling service.
|
| options/nixos/services.tlsrpt.collectd.settings.socketmode | Permissions on the UNIX socket.
|
| options/nixos/services.prometheus.remoteWrite.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| packages/nixpkgs/sslscan | Tests SSL/TLS services and discover supported cipher suites |
| options/nixos/services.tlsrpt.collectd.settings.socketname | Path at which the UNIX socket will be created.
|
| options/nixos/services.syncplay.certDir | TLS certificates directory to use for encryption
|
| options/nixos/services.prometheus.scrapeConfigs.*.azure_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.remoteRead.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| options/nixos/services.kresd.listenTLS | Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858)
|
| options/nixos/services.public-inbox.nntp.key | Path to TLS key to use for connections to public-inbox-nntpd(1).
|
| options/nixos/services.public-inbox.imap.key | Path to TLS key to use for connections to public-inbox-imapd(1).
|
| options/nixos/services.postfix.enableSubmission | Whether to enable the `submission` service configured in master.cf
|
| options/nixos/services.prometheus.remoteWrite.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| options/nixos/services.postfix.settings.main.smtpd_tls_chain_files | List of paths to the server private keys and certificates.
The order of items matters and a private key must always be followed by the corresponding certificate.
https://www.postfix.org/postconf.5.html#smtpd_tls_chain_files
|
| options/nixos/services.tlsrpt.reportd.settings.http_script | Call to an HTTPS client, that accepts the URL on the commandline and the request body from stdin.
|
| options/nixos/services.public-inbox.imap.cert | Path to TLS certificate to use for connections to public-inbox-imapd(1).
|