wez/wezterm
1
1
Fork 0
mirror of https://github.com/wez/wezterm.git synced 2024-12-12 13:13:15 +03:00
Code Issues Projects Releases Wiki Activity
ee5d5714ca
wezterm/docs/config/lua/TlsDomainClient.md
Wez Furlong ee5d5714ca docs: update for 20220319-142410-0fcdea07
2022-03-19 16:37:27 -07:00

90 lines
3.2 KiB
Markdown
Raw Blame History

# TlsDomainClient
The `TlsDomainClient` struct specifies information about how to connect
to a [TLS Domain](../../multiplexing.md#tls-domains).
It is a lua object with the following fields:
```lua
{
-- The name of this specific domain. Must be unique amongst
-- all types of domain in the configuration file.
name = "server.name",
-- If set, use ssh to connect, start the server, and obtain
-- a certificate.
-- The value is "user@host:port", just like "wezterm ssh" accepts.
bootstrap_via_ssh = "server.hostname",
-- identifies the host:port pair of the remote server.
remote_address = "server.hostname:8080",
-- the path to an x509 PEM encoded private key file.
-- Omit this if you are using `bootstrap_via_ssh`.
-- pem_private_key = "/some/path/key.pem",
-- the path to an x509 PEM encoded certificate file
-- Omit this if you are using `bootstrap_via_ssh`.
-- pem_cert = "/some/path/cert.pem",
-- the path to an x509 PEM encoded CA chain file
-- Omit this if you are using `bootstrap_via_ssh`.
-- pem_ca = "/some/path/ca.pem",
-- A set of paths to load additional CA certificates.
-- Each entry can be either the path to a directory or to a PEM encoded
-- CA file. If an entry is a directory, then its contents will be
-- loaded as CA certs and added to the trust store.
-- Omit this if you are using `bootstrap_via_ssh`.
-- pem_root_certs = { "/some/path/ca1.pem", "/some/path/ca2.pem" },
-- explicitly control whether the client checks that the certificate
-- presented by the server matches the hostname portion of
-- `remote_address`. The default is true. This option is made
-- available for troubleshooting purposes and should not be used outside
-- of a controlled environment as it weakens the security of the TLS
-- channel.
-- accept_invalid_hostnames = false,
-- the hostname string that we expect to match against the common name
-- field in the certificate presented by the server. This defaults to
-- the hostname portion of the `remote_address` configuration and you
-- should not normally need to override this value.
-- expected_cn = "other.name",
-- If true, connect to this domain automatically at startup
-- connect_automatically = false,
-- Specify an alternate read timeout
-- read_timeout = 60,
-- Specify an alternate write timeout
-- write_timeout = 60,
-- The path to the wezterm binary on the remote host
-- remote_wezterm_path = "/home/myname/bin/wezterm"
}
```
*Since: 20220319-142410-0fcdea07*
You may now specify the round-trip latency threshold for enabling predictive
local echo using `local_echo_threshold_ms`. If the measured round-trip latency
between the wezterm client and the server exceeds the specified threshold, the
client will attempt to predict the server's response to key events and echo the
result of that prediction locally without waiting, hence hiding latency to the
user. This option only applies when `multiplexing = "WezTerm"`.
```lua
return {
tls_domains = {
{
name = "server,name",
bootstrap_via_ssh = "server.hostname",
remote_address = "server.hostname:8080",
local_echo_threshold_ms = 10,
}
},
}
```
Reference in New Issue View Git Blame Copy Permalink