diff options
| author | Hubert Kario <hkario@redhat.com> | 2014-06-06 16:48:43 +0200 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-07-14 23:42:59 +0100 |
| commit | 7efd0e777e65eaa6c60d85b1cc5c889f872f8fc4 (patch) | |
| tree | 2739b126daac82f3254f9ccbd48850b279dae72a /doc | |
| parent | ec5a992cdee2b0adf87e6eecb8bc142037592a9d (diff) | |
document -nextprotoneg option in man pages
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.
PR#3444
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/apps/s_client.pod | 12 | ||||
| -rw-r--r-- | doc/apps/s_server.pod | 10 |
2 files changed, 22 insertions, 0 deletions
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 4bccba1f2e..8f64f49dd0 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -77,6 +77,7 @@ B<openssl> B<s_client> [B<-rand file(s)>] [B<-serverinfo types>] [B<-status>] +[B<-nextprotoneg protocols>] =head1 DESCRIPTION @@ -333,6 +334,17 @@ file. sends a certificate status request to the server (OCSP stapling). The server response (if any) is printed out. +=item B<-nextprotoneg protocols> + +enable Next Protocol Negotiation TLS extension and provide a list of +comma-separated protocol names that the client should advertise +support for. The list should contain most wanted protocols first. +Protocol names are printable ASCII strings, for example "http/1.1" or +"spdy/3". +Empty list of protocols is treated specially and will cause the client to +advertise support for the TLS extension but disconnect just after +reciving ServerHello with a list of server supported protocols. + =back =head1 CONNECTED COMMANDS diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 0ba7588ac7..3f657c9490 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -88,6 +88,8 @@ B<openssl> B<s_server> [B<-status_verbose>] [B<-status_timeout nsec>] [B<-status_url url>] +[B<-nextprotoneg protocols>] + =head1 DESCRIPTION The B<s_server> command implements a generic SSL/TLS server which listens @@ -387,6 +389,14 @@ sets a fallback responder URL to use if no responder URL is present in the server certificate. Without this option an error is returned if the server certificate does not contain a responder address. +=item B<-nextprotoneg protocols> + +enable Next Protocol Negotiation TLS extension and provide a +comma-separated list of supported protocol names. +The list should contain most wanted protocols first. +Protocol names are printable ASCII strings, for example "http/1.1" or +"spdy/3". + =back =head1 CONNECTED COMMANDS |