# Run as a daemon?
#daemon			yes
#pid-file		/var/run/titus.pid

# Which port to listen on
port			443

# Run in transparent proxy mode (see titus(8) man page)?
#transparent		no

# Address of backend application
backend			127.0.0.1
backend-port		8443

# Minimum number of children to keep running waiting for connections
#min-spare-children	3

# Maximum number of children (i.e. connections) at once
#max-children		100

# Maximum time (in seconds) that TLS handshake may take
#max-handshake-time	10

# What user and group to run the network-talking processes as
network-user		titus
network-group		nogroup

# What user and group to run the key server processes as
keyserver-user		titus-keys
keyserver-group		nogroup

# Directory to chroot to (this should be empty and not writable by the titus user)
chroot			/var/lib/titus/empty

# TLS key and certificate
key			/etc/ssl/private/www.example.com.key
cert			/etc/ssl/certs/www.example.com.chained.crt

# TLS settings (see titus(8) man page)
#ciphers		ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA
#dhgroup		14
#ecdhcurve		secp521r1
#compression		no
#sslv3			no
#tlsv1			yes
#tlsv1.1		yes
#tlsv1.2		yes
#honor-client-cipher-order no