# radsecproxy -f -c radsecproxy.conf

#  If there's no ListenUDP config, then radsecproxy will listen on *:1812 by default.  <sigh>
ListenUDP		*:1816

tls default {
    CACertificateFile    ../../raddb/certs/CA.pem

    # You must specify the below for TLS, we always present our certificate
    CertificateFile	../../raddb/certs/client.pem
    CertificateKeyFile	../../raddb/certs/client.key

    # Optionally specify password if key is encrypted (not very secure)
    CertificateKeyPassword	"whatever"
}

client 127.0.0.1 {
	type	udp
	secret	testing123
}

server 127.0.0.1 {
	type	tls
	port	2084
	secret	radsec

	CertificateNameCheck off
}


realm * {
	server 127.0.0.1
}