# This is the SSLproxy configuration file

# Use CA cert (and key) to sign forged certs
CACert /etc/sslproxy/ca.crt
# Use CA key (and cert) to sign forged certs
CAKey /etc/sslproxy/ca.key

# Close connections after this many seconds of idle time
ConnIdleTimeout 120

# Check for expired connections every this many seconds
ExpiredConnCheckPeriod 10

# Retry to shut ssl conns down after this many micro seconds
# Increasing this delay may avoid dirty shutdowns on slow connections,
# but increases resource usage, such as file desriptors and memory
SSLShutdownRetryDelay 100

# Write pid to file
PidFile /var/run/sslproxy.pid

# Log statistics to syslog
LogStats yes

# Log statistics every this many ExpiredConnCheckPeriod periods
StatsPeriod 1

# Drop privileges to user and group
User _sslproxy
Group _sslproxy

# Remove HTTP header line for Accept-Encoding
RemoveHTTPAcceptEncoding no

# Proxy specifications
# type listenaddr+port up:utmport
ProxySpec https 127.0.0.1 8443 up:8080
ProxySpec pop3s 127.0.0.1 8995 up:8110
ProxySpec smtps 127.0.0.1 8465 up:9199