# SLH-DSA-SHAKE-128s root, ML-DSA-44 entity certs (TLS 1.3 only).
#
# Server-auth scenario.

# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/slhdsa/server-mldsa44-shake.pem
-k ./certs/slhdsa/server-mldsa44-priv.pem
-d

# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/slhdsa/root-slhdsa-shake-128s.pem
-C

# Mutual-auth scenario.

# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/slhdsa/server-mldsa44-shake.pem
-k ./certs/slhdsa/server-mldsa44-priv.pem
-A ./certs/slhdsa/root-slhdsa-shake-128s.pem
-V
# Remove -V when CRL for SLH-DSA root certificates available.

# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/slhdsa/client-mldsa44-shake.pem
-k ./certs/slhdsa/client-mldsa44-priv.pem
-A ./certs/slhdsa/root-slhdsa-shake-128s.pem
-C