From 9d2674cd232ab51f5ae7952a63a614b688145527 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 21 Feb 2018 17:23:11 +0000 Subject: Add documentation for TLSv1.3 ciphersuite configuration Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/5392) --- doc/man1/s_client.pod | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) (limited to 'doc/man1/s_client.pod') diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod index f101b33649..a06d3a6291 100644 --- a/doc/man1/s_client.pod +++ b/doc/man1/s_client.pod @@ -99,6 +99,7 @@ B B [B<-sigalgs sigalglist>] [B<-curves curvelist>] [B<-cipher cipherlist>] +[B<-ciphersuites val>] [B<-serverpref>] [B<-starttls protocol>] [B<-xmpphost hostname>] @@ -505,10 +506,20 @@ ultimately selected by the server. For a list of all curves, use: =item B<-cipher cipherlist> -This allows the cipher list sent by the client to be modified. Although -the server determines which cipher suite is used it should take the first -supported cipher in the list sent by the client. See the B -command for more information. +This allows the TLSv1.2 and below cipher list sent by the client to be modified. +This list will be combined with any TLSv1.3 ciphersuites that have been +configured. Although the server determines which ciphersuite is used it should +take the first supported cipher in the list sent by the client. See the +B command for more information. + +=item B<-ciphersuites val> + +This allows the TLSv1.3 ciphersuites sent by the client to be modified. This +list will be combined with any TLSv1.2 and below ciphersuites that have been +configured. Although the server determines which cipher suite is used it should +take the first supported cipher in the list sent by the client. See the +B command for more information. The format for this list is a simple +colon (":") separated list of TLSv1.3 ciphersuite names. =item B<-starttls protocol> -- cgit v1.2.3