| options/nixos/services.public-inbox.nntp.cert | Path to TLS certificate to use for connections to public-inbox-nntpd(1).
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| options/nixos/services.prometheus.remoteRead.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.infinoted.keyFile | Private key to use for TLS
|
| options/nixos/services.postfix.settings.main.smtp_tls_CAfile | File containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates
|
| options/nixos/services.prometheus.scrapeConfigs.*.triton_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.linode_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.remoteWrite.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.maddy.config | Server configuration, see
https://maddy.email for
more information
|
| options/nixos/services.portunus.port | Port where the Portunus webserver should listen on
|
| options/nixos/services.prometheus.scrapeConfigs.*.consul_sd_configs.*.tls_config | Configures the Consul request's TLS settings.
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| options/nixos/services.tlsrpt.reportd.settings.contact_info | Contact information embedded into the reports.
|
| options/nixos/services.h2o.hosts | The hosts config to be merged with the settings
|
| options/nixos/services.davis.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.slskd.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.nginx.sslProtocols | Allowed TLS protocol versions.
|
| options/nixos/services.movim.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.aaa_id | Server side EAP-Identity to expect in the EAP method
|
| options/nixos/services.httpd.sslProtocols | Allowed SSL/TLS protocol versions.
|
| options/nixos/services.snipe-it.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.nsd.remoteControl.port | Port number for remote control operations (uses TLS over TCP).
|
| options/nixos/services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.tt-rss.email.security | Used to select a secure SMTP connection
|
| options/nixos/services.molly-brown.certPath | Path to TLS certificate
|
| options/nixos/services.sslmate-agent.enable | Whether to enable sslmate-agent, a daemon for managing SSL/TLS certificates on a server.
|
| options/nixos/services.cfssl.mutualTlsClientCert | Mutual TLS - client certificate to call remote instance requiring client certs.
|
| packages/nixpkgs/perlPackages.NetSMTPTLSButMaintained | SMTP client supporting TLS and AUTH (DEPRECATED, use Net::SMTPS instead) |
| options/nixos/services.cfssl.mutualTlsClientKey | Mutual TLS - client key to call remote instance requiring client certs
|
| options/nixos/services.fluidd.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.akkoma.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.gancio.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.monica.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.matomo.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.pgadmin.emailServer.useTLS | Whether to enable TLS for connecting to the SMTP server.
|
| options/nixos/services.prometheus.remoteRead.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| packages/nixpkgs/perl5Packages.NetSMTPTLSButMaintained | SMTP client supporting TLS and AUTH (DEPRECATED, use Net::SMTPS instead) |
| options/nixos/services.prometheus.remoteWrite.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| options/nixos/security.acme.certs.<name>.ocspMustStaple | Turns on the OCSP Must-Staple TLS extension
|
| options/nixos/services.movim.h2o.settings | Attrset to be transformed into YAML for host config
|
| packages/nixpkgs/sslmate-agent | Daemon for managing SSL/TLS certificates on a server |
| packages/nixpkgs/redli | Humane alternative to the Redis-cli and TLS |
| options/nixos/services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/services.fedimintd.<name>.api.url | Public URL of the API address of the reverse proxy/tls terminator
|
| options/nixos/services.fedimintd.<name>.api.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| options/nixos/services.fedimintd.<name>.api.port | Port to bind on for API connections relied by the reverse proxy/tls terminator.
|
| options/nixos/services.public-inbox.imap.port | Listening port
|
| options/nixos/services.public-inbox.nntp.port | Listening port
|
| options/nixos/services.postfix-tlspol.settings.server.socket-permissions | Permissions to the UNIX socket, if configured.
Due to hardening on the systemd unit the socket can never be created world readable/writable.
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| options/nixos/services.h2o.hosts.<name>.settings | Attrset to be transformed into YAML for host config
|
| options/nixos/services.rkvm.server.settings.key | TLS key path.
This should be generated with rkvm-certificate-gen.
|
| options/nixos/services.tlsrpt.reportd.settings.sender_address | Sender address used for reports.
|
| packages/nixpkgs/ghostunnel | TLS proxy with mutual authentication support for securing non-TLS backend applications |
| packages/nixpkgs/cfssl | Cloudflare's PKI and TLS toolkit |
| packages/nixpkgs/pounce | Simple multi-client TLS-only IRC bouncer |
| options/nixos/services.syncplay.useACMEHost | If set, use NixOS-generated ACME certificate with the specified name for TLS
|
| options/nixos/services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.tls_config | TLS configuration.
|
| options/nixos/virtualisation.podman.networkSocket.enable | Make the Podman and Docker compatibility API available over the network
with TLS client certificate authentication
|
| options/nixos/services.fedimintd.<name>.nginx.fqdn | Public domain of the API address of the reverse proxy/tls terminator.
|
| packages/nixpkgs/go-camo | Camo server is a special type of image proxy that proxies non-secure images over SSL/TLS |
| options/nixos/services.coder.wildcardAccessUrl | If you are providing TLS certificates directly to the Coder server, you must use a single certificate for the root and wildcard domains.
|
| options/nixos/services.zitadel.settings.TLS.KeyPath | Path to the TLS certificate private key.
|
| options/nixos/services.zitadel.settings.TLS.CertPath | Path to the TLS certificate.
|
| options/nixos/services.tailscale.permitCertUid | Username or user ID of the user allowed to to fetch Tailscale TLS certificates for the node.
|
| options/nixos/services.vsftpd.ssl_sslv2 | Only applies if ssl_enable is activated
|
| options/nixos/services.vsftpd.ssl_sslv3 | Only applies if ssl_enable is activated
|
| options/nixos/services.librespeed.domain | If not null, this will add an entry to services.librespeed.servers and
configure librespeed to use TLS.
|
| options/nixos/services.librenms.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.fediwall.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.dolibarr.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.agorakit.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.kanboard.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.mainsail.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.postfix.enableSmtp | Whether to enable the smtp service configured in the master.cf
|
| options/nixos/services.pixelfed.nginx.kTLS | Whether to enable kTLS support
|
| packages/nixpkgs/snicat | TLS & SNI aware netcat |
| options/nixos/services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.tls_config | TLS configuration.
|
| packages/nixpkgs/perl538Packages.NetSMTPTLSButMaintained | SMTP client supporting TLS and AUTH (DEPRECATED, use Net::SMTPS instead) |
| packages/nixpkgs/perl540Packages.NetSMTPTLSButMaintained | SMTP client supporting TLS and AUTH (DEPRECATED, use Net::SMTPS instead) |
| options/nixos/services.fedimintd.<name>.api_ws.url | Public URL of the API address of the reverse proxy/tls terminator
|
| options/nixos/security.acme.defaults.ocspMustStaple | Turns on the OCSP Must-Staple TLS extension
|
| options/nixos/services.fedimintd.<name>.api_ws.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| options/nixos/services.cassandra.remoteJmx | Cassandra ships with JMX accessible only from localhost
|
| options/nixos/services.komodo-periphery.ssl.enable | Whether to enable SSL/TLS support.
|
| options/nixos/services.fedimintd.<name>.api_ws.port | TCP Port to bind on for API connections relayed by the reverse proxy/tls terminator.
|
| options/nixos/services.radicle.httpd.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.tlsrpt.reportd.settings.sendmail_script | Path to a sendmail-compatible executable for delivery reports.
|
| packages/nixpkgs/ecapture | Capture SSL/TLS text content without CA certificate Using eBPF |
| packages/nixpkgs/step-ca | Private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH |
| options/nixos/services.anuko-time-tracker.nginx.kTLS | Whether to enable kTLS support
|
| options/nixos/services.ghostunnel.servers | Server mode ghostunnels (TLS listener -> plain TCP/UNIX target)
|
| options/nixos/services.keycloak.database.useSSL | Whether the database connection should be secured by SSL / TLS
|
| options/nixos/services.nginx.virtualHosts.<name>.kTLS | Whether to enable kTLS support
|
| options/nixos/services.dolibarr.h2o.settings | Attrset to be transformed into YAML for host config
|