diff options
Diffstat (limited to 'secure/usr.bin/openssl/man/s_client.1')
-rw-r--r-- | secure/usr.bin/openssl/man/s_client.1 | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/secure/usr.bin/openssl/man/s_client.1 b/secure/usr.bin/openssl/man/s_client.1 index 9da80bc..9df5590 100644 --- a/secure/usr.bin/openssl/man/s_client.1 +++ b/secure/usr.bin/openssl/man/s_client.1 @@ -124,7 +124,7 @@ .\" ======================================================================== .\" .IX Title "S_CLIENT 1" -.TH S_CLIENT 1 "2012-05-10" "0.9.8x" "OpenSSL" +.TH S_CLIENT 1 "2012-05-10" "1.0.1c" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -214,6 +214,10 @@ also used when building the client certificate chain. .IX Item "-CAfile file" A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain. +.IP "\fB\-purpose, \-ignore_critical, \-issuer_checks, \-crl_check, \-crl_check_all, \-policy_check, \-extended_crl, \-x509_strict, \-policy \-check_ss_sig\fR" 4 +.IX Item "-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig" +Set various certificate chain valiadition option. See the +\&\fBverify\fR manual page for details. .IP "\fB\-reconnect\fR" 4 .IX Item "-reconnect" reconnects to the same server 5 times using the same session \s-1ID\s0, this can @@ -262,6 +266,14 @@ input. .IX Item "-quiet" inhibit printing of session and certificate information. This implicitly turns on \fB\-ign_eof\fR as well. +.IP "\fB\-psk_identity identity\fR" 4 +.IX Item "-psk_identity identity" +Use the \s-1PSK\s0 identity \fBidentity\fR when using a \s-1PSK\s0 cipher suite. +.IP "\fB\-psk key\fR" 4 +.IX Item "-psk key" +Use the \s-1PSK\s0 key \fBkey\fR when using a \s-1PSK\s0 cipher suite. The key is +given as a hexadecimal number without leading 0x, for example \-psk +1a2b3c4d. .IP "\fB\-ssl2\fR, \fB\-ssl3\fR, \fB\-tls1\fR, \fB\-no_ssl2\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR" 4 .IX Item "-ssl2, -ssl3, -tls1, -no_ssl2, -no_ssl3, -no_tls1" these options disable the use of certain \s-1SSL\s0 or \s-1TLS\s0 protocols. By default @@ -289,13 +301,10 @@ send the protocol-specific message(s) to switch to \s-1TLS\s0 for communication. supported keywords are \*(L"smtp\*(R", \*(L"pop3\*(R", \*(L"imap\*(R", and \*(L"ftp\*(R". .IP "\fB\-tlsextdebug\fR" 4 .IX Item "-tlsextdebug" -print out a hex dump of any \s-1TLS\s0 extensions received from the server. Note: this -option is only available if extension support is explicitly enabled at compile -time +print out a hex dump of any \s-1TLS\s0 extensions received from the server. .IP "\fB\-no_ticket\fR" 4 .IX Item "-no_ticket" -disable RFC4507bis session ticket support. Note: this option is only available -if extension support is explicitly enabled at compile time +disable RFC4507bis session ticket support. .IP "\fB\-sess_out filename\fR" 4 .IX Item "-sess_out filename" output \s-1SSL\s0 session to \fBfilename\fR @@ -305,7 +314,7 @@ load \s-1SSL\s0 session from \fBfilename\fR. The client will attempt to resume a connection from this session. .IP "\fB\-engine id\fR" 4 .IX Item "-engine id" -specifying an engine (by it's unique \fBid\fR string) will cause \fBs_client\fR +specifying an engine (by its unique \fBid\fR string) will cause \fBs_client\fR to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. @@ -363,9 +372,6 @@ If there are problems verifying a server certificate then the Since the SSLv23 client hello cannot include compression methods or extensions these will only be supported if its use is disabled, for example by using the \&\fB\-no_sslv2\fR option. -.PP -\&\s-1TLS\s0 extensions are only supported in OpenSSL 0.9.8 if they are explictly -enabled at compile time using for example the \fBenable-tlsext\fR switch. .SH "BUGS" .IX Header "BUGS" Because this program has a lot of options and also because some of |