6 openssl - OpenSSL command line tool
17 OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
18 v2/v3) and Transport Layer Security (TLS v1) network protocols and related
19 cryptography standards required by them.
21 The B<openssl> program is a command line tool for using the various
22 cryptography functions of OpenSSL's B<crypto> library from the shell.
25 o Creation of RSA, DH and DSA key parameters
26 o Creation of X.509 certificates, CSRs and CRLs
27 o Calculation of Message Digests
28 o Encryption and Decryption with Ciphers
29 o SSL/TLS Client and Server Tests
31 =head1 COMMAND SUMMARY
33 The B<openssl> program provides a rich variety of commands (I<command> in the
34 SYNOPSIS above), each of which often has a wealth of options and arguments
35 (I<command_opts> and I<command_args> in the SYNOPSIS).
37 =head2 STANDARD COMMANDS
43 Parse an ASN.1 sequence.
47 Certificate Authority (CA) Management.
51 Cipher Suite Description Determination.
55 Certificate Revocation List (CRL) Management.
59 CRL to PKCS#7 Conversion.
63 Message Digest Calculation.
67 Diffie-Hellman Data Management.
75 DSA Parameter Generation.
79 Encoding with Ciphers.
83 Error Number to Error String Conversion.
87 Generation of Diffie-Hellman Parameters.
91 Generation of DSA Parameters.
95 Generation of RSA Parameters.
99 PKCS#7 Data Management.
103 X.509 Certificate Signing Request (CSR) Management.
111 This implements a generic SSL/TLS client which can establish a transparent
112 connection to a remote server speaking SSL/TLS. It's intended for testing
113 purposes only and provides only rudimentary interface functionality but
114 internally uses mostly all functionality of the OpenSSL B<ssl> library.
118 This implements a generic SSL/TLS server which accepts connections from remote
119 clients speaking SSL/TLS. It's intended for testing purposes only and provides
120 only rudimentary interface functionality but internally uses mostly all
121 functionality of the OpenSSL B<ssl> library. It provides both an own command
122 line oriented protocol for testing SSL functions and a simple HTTP response
123 facility to emulate an SSL/TLS-aware webserver.
127 SSL Connection Timer.
131 SSL Session Data Management.
135 Algorithm Speed Measurement.
139 X.509 Certificate Verification.
143 OpenSSL Version Information.
147 X.509 Certificate Data Management.
151 =head2 MESSAGE DIGEST COMMANDS
181 =head2 ENCODING AND CIPHER COMMANDS
189 =item B<bf bf-cbc bf-cfb bf-ecb bf-ofb>
193 =item B<cast cast-cbc>
197 =item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb>
201 =item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb>
205 =item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb>
209 =item B<idea idea-cbc idea-cfb idea-ecb idea-ofb>
213 =item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb>
221 =item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb>
227 =head1 DETAILED COMMAND DESCRIPTION
229 The following is a detailed description of every B<openssl> I<command>.
230 (No, it isn't; this is here temporarily and should be in separate
231 files for s_client and for s_server.)
235 =item B<openssl> B<s_client>
236 [B<-connect> I<host>B<:>I<port>]
258 The B<s_client> command implements a generic SSL/TLS client which can
259 establish a transparent connection to a remote I<host> and I<port> speaking
262 =item B<openssl> B<s_server>
290 The B<s_server> command implements a generic SSL/TLS server which accepts
291 connections from remote clients on I<port> speaking SSL/TLS.
299 asn1parse(1), ca(1), config(1), crl(1), crl2pkcs7(1), dgst(1), dh(1),
300 dsa(1), dsaparam(1), enc(1), gendh(1), gendsa(1), genrsa(1), nseq(1),
301 openssl(1), pkcs12(1), pkcs7(1), pkcs8(1), req(1), rsa(1), smime(1),
302 spkac(1), verify(1), version(1), x509(1),
307 The openssl(1) document appeared in OpenSSL 0.9.2