=pod

=head1 NAME

openssl - OpenSSL command line tool

=head1 SYNOPSIS

B<openssl>
I<command>
[ I<command_opts> ]
[ I<command_args> ]

=head1 DESCRIPTION

OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
v2/v3) and Transport Layer Security (TLS v1) network protocols and related
cryptography standards required by them.

The B<openssl> program is a command line tool for using the various
cryptography functions of OpenSSL's B<crypto> library from the shell. 
It can be used for 

 o  Creation of RSA, DH and DSA key parameters
 o  Creattion of X.509 certificates, CSRs and CRLs 
 o  Calculation of Message Digests
 o  Encryption and Decryption with Ciphers
 o  SSL/TLS Client and Server Tests

=head1 COMMAND SUMMARY

The B<openssl> program provides a rich variety of commands (I<command> in the
SYNOPSIS above), each of which often has a wealth of options and arguments
(I<command_opts> and I<command_args> in the SYNOPSIS).

=over 10

=item B<s_client>

This implements a generic SSL/TLS client which can establish a transparent
connection to a remote server speaking SSL/TLS. It's intended for testing
purposes only and provides only rudimentary interface functionality but
internally uses mostly all functionality of the OpenSSL B<ssl> library.

=item B<s_server>

This implements a generic SSL/TLS server which accepts connections from remote
clients speaking SSL/TLS. It's intended for testing purposes only and provides
only rudimentary interface functionality but internally uses mostly all
functionality of the OpenSSL B<ssl> library.  It provides both an own command
line oriented protocol for testing SSL functions and a simple HTTP response
facility to emulate an SSL/TLS-aware webserver.

=back

=head1 DETAILED COMMAND DESCRIPTION

The following is a detailed description of every B<openssl> I<command>.

=over 4

=item B<openssl> B<s_client>
[B<-connect> I<host>B<:>I<port>]
[B<-verify> I<arg>]
[B<-cert> I<arg>]
[B<-key> I<arg>]
[B<-CApath> I<arg>]
[B<-CAfile> I<arg>]
[B<-reconnect>]
[B<-pause>]
[B<-debug>]
[B<-nbio_test>]
[B<-state>]
[B<-nbio>]
[B<-quiet>]
[B<-ssl2>]
[B<-ssl3>]
[B<-tls1>]
[B<-no_ssl2>]
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-bugs>]
[B<-cipher>]

The B<s_client> command implements a generic SSL/TLS client which can
establish a transparent connection to a remote I<host> and I<port> speaking
SSL/TLS. 

=item B<openssl> B<s_server>
[B<-accept> I<port>]
[B<-verify> I<arg>]
[B<-Verify> I<arg>]
[B<-cert> I<arg>]
[B<-key> I<arg>]
[B<-nbio>]
[B<-nbio_test>]
[B<-debug>]
[B<-state>]
[B<-CApath> I<arg>]
[B<-CAfile> I<arg>]
[B<-nocert>]
[B<-cipher> I<arg>]
[B<-quiet>]
[B<-no_tmp_rsa>]
[B<-ssl2>]
[B<-ssl3>]
[B<-tls1>]
[B<-no_ssl2>]
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-bugs>]
[B<-www>]
[B<-WWW>]

The B<s_server> command implements a generic SSL/TLS server which accepts
connections from remote clients on I<port> speaking SSL/TLS.

=back

...

=head1 SEE ALSO

crypto(3), ssl(3)

=head1 HISTORY

The openssl(3) document appeared in OpenSSL 0.9.2

=cut