#@(#)$Id: elmrc-tls-info,v 2.3 2020/05/31 11:57:36 hurtta Exp $
# Elm Version ME+ 2.5
#
#$HDR
#-----------------------------------------------------------------------
#
# Settings for libelmme-tls.so shared library
#
# Shared library libelmme-tls.so provides POP's STLS, IMAP's STARTTLS 
# and SMTP's or Submission's STARTTLS command.

default-tls-version
# This variable gives default SSL/TLS version.
#
# This is used, if "tls:starttls-version" and "tls:tls-version" parameters does not exists on
# global elm.mailservices or user's ~/.elm/mail.services file for particular host and service.
#
# Possible value formats:
#   
#    ssl			SSL or TLS, semantic varies
#    tls			TLS, semantic varies (default)
#    tls-1			TLS 1 protocol
#    tls-1.1			TLS 1.1 protocol
#    tls-1.2			TLS 1.2 protocol

rand-file
# This variable specifies from which file PRNG (pseudo random number generator) 
# state is read. That file is overwritten with new PRNG state. 
#
# Possible value formats:
#   
#    (not set)		Uses OpenSSL's default ($RANDFILE or $HOME/.rnd).
#    {rc}/file		Uses file on ~/.elm directory.
#    $RANDFILE		Uses file pointed by environment variable.
#    ~/file		Uses file on home directory.
#    =file		Uses file on folder directory (WARNING: File is overwritten 
#    			with random data).
#    none		Indicates that PRNG state file should not be read or 
#    			written.
#
# Value "none" is recommended on systems, where /dev/urandom exists 
# (because OpenSSL uses /dev/urandom device to  seed PRNG state, if 
# that device exists.)

rand-egd
# This variable specifies path to Unix socket from where entropy gathering daemon 
# (EGD) should be queried.
#
# Default value "none" means that EGD is not available.
# You should use EGD if /dev/urandom is not available.
#

$user
# Variables "trusted-ca-certificates-file" and "trusted-ca-certificates-dir" 
# specifies locations for trusted CA certificates.  These are used on server's 
# certificate verification.

trusted-ca-certificates-file
# This variable gives file which is read for CA certificates in PEM format.
#
# Possible value formats:
#   
#    (not set)		Uses OpenSSL's default (usually /usr/local/ssl/cert.pem or 
#                       /usr/lib/ssl/cert.pem).
#    {rc}/file       	Uses file on ~/.elm directory.
#    {lib}/file      	Uses file on Elm's global library directory.
#    {etc}/file      	Uses file on Elm's global configure directory
#    $CACERTFILE     	Uses file pointed by environment variable.
#    ~/file          	Uses file on home directory.
#    =file           	Uses file on folder directory.
#    none            	Indicates that CA certificates file should not be used on 
#    			certificate verification.

trusted-ca-certificates-dir
# This variable gives a directory containing CA certificates in PEM format.
#
# Possible value formats:
#   
#    (not set)		Uses OpenSSL's default (usually /usr/local/ssl/certs or
#                       /usr/lib/ssl/certs).
#    {rc}/dir        	Uses dir on ~/.elm directory.
#    {lib}/dir       	Uses dir on Elm's global library directory.
#    {etc}/dir       	Uses dir on Elm's global configure directory.
#    $CACERTDIR      	Uses dir pointed by environment variable.
#    ~/dir           	Uses dir on home directory.
#    =dir            	Uses dir on folder directory.
#    none            	Indicates that CA certificates directory should not be used 
#    			on certificate verification.
