diff --git a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/85TLS b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/85TLS
new file mode 100644
index 0000000..0e31f1e
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/85TLS
@@ -0,0 +1,33 @@
+{
+  my @encryptions = ();
+  my $psk_file = ${'zabbix-proxy'}{'TLSPSKFile'} || '/etc/zabbix/zabbix_proxy.psk';
+  my $psk_id   = ${'zabbix-proxy'}{'TLSPSKIdentity'} || $SystemName . '.' . $DomainName . '-proxy';
+  if (-s $psk_file){
+    push @encryptions, 'psk';
+    $OUT .=<<_EOF;
+TLSPSKFile=$psk_file
+TLSPSKIdentity=$psk_id
+_EOF
+  }
+
+  my $cert = ${'zabbix-proxy'}{'TLSCertFile'} || '/etc/zabbix/zabbix_proxy.crt';
+  my $key  = ${'zabbix-proxy'}{'TLSKeyFile'}  || '/etc/zabbix/zabbix_proxy.key';
+  my $ca   = ${'zabbix-proxy'}{'TLSCAFile'}   || '/etc/zabbix/zabbix_proxy.ca';
+  if (-s $cert && -s $key && -s $ca){
+    push @encryptions, 'cert';
+    $OUT .=<<_EOF;
+TLSCertFile=$cert
+TLSKeyFile=$key
+TLSCAFile=$ca
+_EOF
+    my $issuer  = ${'zabbix-proxy'}{'TLSServerCertIssuer'} || '';
+    my $subject = ${'zabbix-proxy'}{'TLSServerCertSubject'} || '';
+    $OUT .= "TLSServerCertIssuer=$issuer\n"   if ($issuer ne '');
+    $OUT .= "TLSServerCertSubject=$subject\n" if ($subject ne '');
+  }
+  my $encryptions = (scalar @encryptions > 0) ? join(',', @encryptions) : 'unencrypted';
+  $OUT .=<<_EOF;
+TLSConnect=$encryptions
+TLSAccept=$encryptions
+_EOF
+}