crypto.use_tls to True, so it reads as below. After changing the file, restart the server.
crypto.use_tls to True
crypto.tls_client_certs to required, so it reads as below. After changing the file, restart the server.
ca-file which points to CA(s) the server certificates are signed off by, and
crt containing the load-balancer's private key and certificate, using the example below as a template. Again, all pieces should be placed on one line which has been broken out into multiple ones for clarity: