Check for configuration files ( server or proxy ). All related with encryption at the bottom of the conf files. What is better PSK or certs, you should decided yourself, what is more suits you. Using certs., seems more secure. PSK - easier for start, so up to you.
Link to the server conf. file options

Sorry, link is wrong, use for proxy one.

They are basically using the same concept for setting up and encrypting the connection, but certificates are better for commercial use because they are purchased from and verified by a third party. For internal/personal use, it generally doesn't matter.

PSK is *probably* marginally easier to break because the certificate keys tend to be significantly larger, but in reality, as long as you use a suitably large key, PSK is equally effective. The major difference tends to be how you manage your keys/certs. Personally, I tend to use self-signed certs because I find them easier to manage. I know others who find managing PSK keys easier because they are not a wall of "garbage text" and easily maintained in a password protected spreadsheet.

Don't get too hung up on the encryption method you choose - it is much more important that you concern yourself with the encryption algorithm you use, how you manage the keys, and other similar encryption factors. Another area of concern is that the encryption method for data at rest has no effect on encryption during transit and vise-versa. Ensure you are encrypting the data everywhere and not leaving part of it exposed unintentionally. Otherwise the whole exercise is pointless.

Hope that helps get you started.

Hi all,

Many thanks for your help guys , very useful for me