diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2004-11-16 17:30:59 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2004-11-16 17:30:59 +0000 |
commit | 826a42a0888624780f6758df1282288cb34a570f (patch) | |
tree | 59d793bfdf70dd28de767eb0cf8c73d907940017 /doc | |
parent | 19f39703f7b71e421f5de3e22e3567d03934d6a7 (diff) |
PR: 910
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.
Update docs.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/s_client.pod | 16 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 23 |
2 files changed, 39 insertions, 0 deletions
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 8d19079973..e1e1ba9865 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -11,7 +11,10 @@ B<openssl> B<s_client> [B<-connect host:port>] [B<-verify depth>] [B<-cert filename>] +[B<-certform DER|PEM>] [B<-key filename>] +[B<-keyform DER|PEM>] +[B<-pass arg>] [B<-CApath directory>] [B<-CAfile filename>] [B<-reconnect>] @@ -57,11 +60,24 @@ then an attempt is made to connect to the local host on port 4433. The certificate to use, if one is requested by the server. The default is not to use a certificate. +=item B<-certform format> + +The certificate format to use: DER or PEM. PEM is the default. + =item B<-key keyfile> The private key to use. If not specified then the certificate file will be used. +=item B<-keyform format> + +The private format to use: DER or PEM. PEM is the default. + +=item B<-pass arg> + +the private key password source. For more information about the format of B<arg> +see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. + =item B<-verify depth> The verify depth to use. This specifies the maximum length of the diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 1d21921e47..7c1a9581d9 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -13,9 +13,15 @@ B<openssl> B<s_server> [B<-verify depth>] [B<-Verify depth>] [B<-cert filename>] +[B<-certform DER|PEM>] [B<-key keyfile>] +[B<-keyform DER|PEM>] +[B<-pass arg>] [B<-dcert filename>] +[B<-dcertform DER|PEM>] [B<-dkey keyfile>] +[B<-dkeyform DER|PEM>] +[B<-dpass arg>] [B<-dhparam filename>] [B<-nbio>] [B<-nbio_test>] @@ -70,11 +76,24 @@ certificate and some require a certificate with a certain public key type: for example the DSS cipher suites require a certificate containing a DSS (DSA) key. If not specified then the filename "server.pem" will be used. +=item B<-certform format> + +The certificate format to use: DER or PEM. PEM is the default. + =item B<-key keyfile> The private key to use. If not specified then the certificate file will be used. +=item B<-keyform format> + +The private format to use: DER or PEM. PEM is the default. + +=item B<-pass arg> + +the private key password source. For more information about the format of B<arg> +see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. + =item B<-dcert filename>, B<-dkey keyname> specify an additional certificate and private key, these behave in the @@ -86,6 +105,10 @@ and some a DSS (DSA) key. By using RSA and DSS certificates and keys a server can support clients which only support RSA or DSS cipher suites by using an appropriate certificate. +=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg> + +addtional certificate and private key format and passphrase respectively. + =item B<-nocert> if this option is set then no certificate is used. This restricts the |