--{ Value, "askpass", "[file]", translate("Get PEM password from controlling tty before we daemonize") },
{ Flag, "auth_nocache", 0, translate("Don't cache --askpass or --auth-user-pass passwords") },
{ Value, "tls_remote", "remote_x509_name", translate("Only accept connections from given X509 name") },
{ ListValue, "ns_cert_type", { "client", "server" }, translate("Require explicit designation on certificate") },
{ ListValue, "remote_cert_tls", { "client", "server" }, translate("Require explicit key usage on certificate") },
{ Value, "crl_verify", "/etc/easy-rsa/keys/crl.pem", translate("Check peer certificate against a CRL") },
--{ Value, "askpass", "[file]", translate("Get PEM password from controlling tty before we daemonize") },
{ Flag, "auth_nocache", 0, translate("Don't cache --askpass or --auth-user-pass passwords") },
{ Value, "tls_remote", "remote_x509_name", translate("Only accept connections from given X509 name") },
{ ListValue, "ns_cert_type", { "client", "server" }, translate("Require explicit designation on certificate") },
{ ListValue, "remote_cert_tls", { "client", "server" }, translate("Require explicit key usage on certificate") },
{ Value, "crl_verify", "/etc/easy-rsa/keys/crl.pem", translate("Check peer certificate against a CRL") },