diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2007-08-23 11:34:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2007-08-23 11:34:48 +0000 |
commit | d24a9c8f5a087357e5cfcde9f1de52fda9b5321f (patch) | |
tree | 360ec3faa9f43972bc93f1c5b06a481d1fc4489b /doc | |
parent | 42fe218b9f17219aa807296a02dff3c55128719b (diff) |
Docs and usage messages for RFC4507bis support.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/s_client.pod | 25 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 10 |
2 files changed, 35 insertions, 0 deletions
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index afdc3f7df2..f99f5ac456 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -38,6 +38,10 @@ B<openssl> B<s_client> [B<-cipher cipherlist>] [B<-starttls protocol>] [B<-engine id>] +[B<-tlsextdebug>] +[B<-no_ticket>] +[B<-sess_out filename>] +[B<-sess_in filename>] [B<-rand file(s)>] =head1 DESCRIPTION @@ -196,6 +200,23 @@ send the protocol-specific message(s) to switch to TLS for communication. B<protocol> is a keyword for the intended protocol. Currently, the only supported keywords are "smtp", "pop3", "imap", and "ftp". +=item B<-tlsextdebug> + +print out a hex dump of any TLS extensions received from the server. + +=item B<-no_ticket> + +disable RFC4507bis session ticket support. + +=item B<-sess_out filename> + +output SSL session to B<filename> + +=item B<-sess_in sess.pem> + +load SSL session from B<filename>. The client will attempt to resume a +connection from this session. + =item B<-engine id> specifying an engine (by it's unique B<id> string) will cause B<s_client> @@ -256,6 +277,10 @@ on the command line is no guarantee that the certificate works. If there are problems verifying a server certificate then the B<-showcerts> option can be used to show the whole chain. +Since the SSLv23 client hello cannot include compression methods or extensions +these will only be supported if its use is disabled, for example by using the +B<-no_sslv2> option. + =head1 BUGS Because this program has a lot of options and also because some of diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 8c15addde3..b586874645 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -48,6 +48,8 @@ B<openssl> B<s_server> [B<-WWW>] [B<-HTTP>] [B<-engine id>] +[B<-tlsextdebug>] +[B<-no_ticket>] [B<-id_prefix arg>] [B<-rand file(s)>] @@ -215,6 +217,14 @@ also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist irrelevant. See the B<ciphers> command for more information. +=item B<-tlsextdebug> + +print out a hex dump of any TLS extensions received from the server. + +=item B<-no_ticket> + +disable RFC4507bis session ticket support. + =item B<-www> sends a status message back to the client when it connects. This includes |