nats-server/test/configs/tls_cert_cn_routes.conf

cluster {
  tls {
    cert_file = "./configs/certs/tlsauth/server.pem"
    key_file = "./configs/certs/tlsauth/server-key.pem"
    ca_file = "./configs/certs/tlsauth/ca.pem"
    verify_and_map = true
    timeout = 2
  }

  permissions {
    publish {
  	allow = ["public.>"]
    }
    subscribe {
  	allow = ["public.>"]
    }
  }

  authorization {
    user = "CN=localhost,OU=NATS.io Operators"
  }
}