=pod
-
-=begin comment
-{- join("\n", @autowarntext) -}
-
-=end comment
+{- OpenSSL::safe::output_do_not_edit_headers(); -}
=head1 NAME
[B<-verify> I<int>]
[B<-Verify> I<int>]
[B<-cert> I<infile>]
-[B<-nameopt> I<val>]
[B<-naccept> I<+int>]
[B<-serverinfo> I<val>]
[B<-certform> B<DER>|B<PEM>]
[B<-dcert_chain> I<infile>]
[B<-chainCApath> I<dir>]
[B<-verifyCApath> I<dir>]
+[B<-chainCAstore> I<uri>]
+[B<-verifyCAstore> I<uri>]
[B<-no_cache>]
[B<-ext_cache>]
[B<-verify_return_error>]
[B<-nextprotoneg> I<val>]
[B<-use_srtp> I<val>]
[B<-alpn> I<val>]
-[B<-engine> I<val>]
[B<-keylogfile> I<outfile>]
[B<-max_early_data> I<int>]
[B<-early_data>]
[B<-anti_replay>]
[B<-no_anti_replay>]
[B<-http_server_binmode>]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_x_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
+{- $OpenSSL::safe::opt_engine_synopsis -}
=for openssl ifdef unix 4 6 unlink no_dhe nextprotoneg use_srtp engine
Specify whether the application should build the certificate chain to be
provided to the client.
-=item B<-nameopt> I<val>
-
-Option which determines how the subject or issuer names are displayed. The
-I<val> argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L<openssl-x509(1)> manual page for details.
-
=item B<-naccept> I<+int>
The server will exit after receiving the specified number of connections,
A file containing trusted certificates to use when attempting to build the
server certificate chain.
+=item B<-chainCAstore> I<uri>
+
+The URI to a store to use for building the chain provided to the client.
+The URI may indicate a single certificate, as well as a collection of
+them.
+With URIs in the C<file:> scheme, this acts as B<-chainCAfile> or
+B<-chainCApath>, depending on if the URI indicates a directory or a
+single file.
+See L<ossl_store-file(7)> for more information on the C<file:> scheme.
+
=item B<-nocert>
If this option is set then no certificate is used. This restricts the
"spdy/3".
The flag B<-nextprotoneg> cannot be specified if B<-tls1_3> is used.
-=item B<-engine> I<val>
-
-Specifying an engine (by its unique id string in I<val>) will cause
-this command to attempt to obtain a functional reference to the
-specified engine, thus initialising it if needed. The engine will then be
-set as the default for all available algorithms.
-
=item B<-keylogfile> I<outfile>
Appends TLS secrets to the specified keylog file such that external programs
When acting as web-server (using option B<-WWW> or B<-HTTP>) open files requested
by the client in binary mode.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_x_item -}
{- $OpenSSL::safe::opt_trust_item -}
{- $OpenSSL::safe::opt_r_item -}
+{- $OpenSSL::safe::opt_engine_item -}
+
=back
=head1 CONNECTED COMMANDS
L<SSL_CONF_cmd(3)>,
L<SSL_CTX_set_max_send_fragment(3)>,
L<SSL_CTX_set_split_send_fragment(3)>,
-L<SSL_CTX_set_max_pipelines(3)>
+L<SSL_CTX_set_max_pipelines(3)>,
+L<ossl_store-file(7)>
=head1 HISTORY
projects / openssl.git / blobdiff