For a full example, see
goodies/simcrypt.cfg. Key configured with
DefaultPrivateKey is used when Key Identifier
AVP, also known as certificate identifier
attribute, is not present. Key configured with
PrivateKeyFile is used identifier is not
present.
For more information about Key Identifier
AVP and certificate identifier attribute, see
3GPP document S3-170116 and Wireless Broadband Alliance technical
specification IMSI Privacy Protection for Wi-Fi.
<IMSICrypt>
# Identifier is used by AKA and SIM clauses to refer to this
# clause for identity decryption.
Identifier imsi-decrypter
# DefaultPrivateKeyFile and DefaultPrivateKeyPassword work as
# pairs.
DefaultPrivateKeyFile %D/certificates/server-key.pem
DefaultPrivateKeyPassword whatever
#DefaultPrivateKeyFile %D/private-keys/default-key1.pem
#DefaultPrivateKeyPassword password-for-default-key1
#DefaultPrivateKeyFile %D/private-keys/default-key2.pem
## Key in file default-key2.pem is not password protected
#PrivateKeyFile CertificateSerialNumber=12345,%D/private-keys/key-12345.pem
#PrivateKeyPassword CertificateSerialNumber=12345,password-for-key-12345
#PrivateKeyFile CertificateSerialNumber=23456,%D/private-keys/key-23456.pem
## Key in file key-23456.pem is not password proteced
#PrivateKeyFile CertificateSerialNumber=34567,%D/private-keys/key-34567.pem
#PrivateKeyPassword CertificateSerialNumber,password-for-key-34567
</IMSICrypt>
<AuthBy AKAWX>
# Other AKAWX configuration parameters
IMSICrypt imsi-decrypter
</AuthBy>
