Initializes the struct with default values.
Path to the file or directory containing the CA/root certificates. Can be empty if the OpenSSL builtin CA certificates are used (see loadDefaultCAs).
Path to the certificate file (in PEM format).
If the private key and the certificate are stored in the same file, this can be empty if privateKeyFile is given.
Specifies the supported ciphers in OpenSSL notation. Defaults to "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH".
Specifies a file containing Diffie-Hellman parameters. If empty, the default parameters are used.
If set to true, will use 2048-bit MODP Group with 256-bit prime order subgroup (RFC5114) instead of 1024-bit for DH.
OpenSSL 1.0.1 and earlier:
Specifies the name of the curve to use for ECDH, based on the curve names specified in RFC 4492. Defaults to "prime256v1".
OpenSSL 1.0.2 to 1.1.0:
Specifies the colon-separated list of curves to be used for ECDH, based on the curve names defined by OpenSSL, such as "X448:X25519:P-521:P-384:P-256" Defaults to the subset supported by the OpenSSL version among the above.
OpenSSL 1.1.1 and above:
Specifies the colon-separated list of groups (some of which can be curves) to be used for ECDH and other TLSv1.3 ephemeral key negotiation, based on the group names defined by OpenSSL. Defaults to "X448:X25519:ffdhe4096:ffdhe3072:ffdhe2048:ffdhe6144:ffdhe8192:P-521:P-384:P-256"
Specifies whether the builtin CA certificates from OpenSSL are used. Defaults to false.
Specifies whether Client should verify OCSP Response Defaults to false.
Path to the private key file used for encryption. Can be empty if no private key file is used.
Defines minimal number of security bits allowed. Requires OpenSSL >= 1.1 to be effective.
Sets the upper limit for verification chain sizes. Verification will fail if a certificate chain larger than this is encountered. Defaults to 9.
Specifies whether and how peer certificates are validated. Defaults to VERIFY_RELAXED.