=pod =head1 NAME openssl - OpenSSL command line tool =head1 SYNOPSIS B I [ I ] [ I ] =head1 DESCRIPTION OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them. The B program is a command line tool for using the various cryptography functions of OpenSSL's B library from the shell. It can be used for o Creation of RSA, DH and DSA key parameters o Creation of X.509 certificates, CSRs and CRLs o Calculation of Message Digests o Encryption and Decryption with Ciphers o SSL/TLS Client and Server Tests =head1 COMMAND SUMMARY The B program provides a rich variety of commands (I in the SYNOPSIS above), each of which often has a wealth of options and arguments (I and I in the SYNOPSIS). =head2 STANDARD COMMANDS =over 10 =item B Parse an ASN.1 sequence. =item B Certificate Authority (CA) Management. =item B Cipher Suite Description Determination. =item B Certificate Revokation List (CRL) Management. =item B CRL2 to PKCS#7 Conversion. =item B Message Digest Calculation. =item B Diffie-Hellman Data Management. =item B DSA Data Management. =item B DSA Parameter Generation. =item B Encoding with Ciphers. =item B Error Number to Error String Conversion. =item B Generation of Diffie-Hellman Parameters. =item B Generation of DSA Parameters. =item B Generation of RSA Parameters. =item B PKCS#7 Data Management. =item B X.509 Certificate Signing Request (CSR) Management. =item B RSA Data Management. =item B This implements a generic SSL/TLS client which can establish a transparent connection to a remote server speaking SSL/TLS. It's intended for testing purposes only and provides only rudimentary interface functionality but internally uses mostly all functionality of the OpenSSL B library. =item B This implements a generic SSL/TLS server which accepts connections from remote clients speaking SSL/TLS. It's intended for testing purposes only and provides only rudimentary interface functionality but internally uses mostly all functionality of the OpenSSL B library. It provides both an own command line oriented protocol for testing SSL functions and a simple HTTP response facility to emulate an SSL/TLS-aware webserver. =item B SSL Connection Timer. =item B SSL Session Data Management. =item B Algorithm Speed Measurement. =item B X.509 Certificate Verification. =item B OpenSSL Version Information. =item B X.509 Certificate Data Management. =back =head2 MESSAGE DIGEST COMMANDS =over 10 =item B MD2 Digest =item B MD5 Digest =item B MDC2 Digest =item B RMD-160 Digest =item B SHA Digest =item B SHA-1 Digest =back =head2 ENCODING AND CIPHER COMMANDS =over 10 =item B Base64 Encoding =item B Blowfish Cipher =item B CAST Cipher =item B CAST5 Cipher =item B DES Cipher =item B Triple-DES Cipher =item B IDEA Cipher =item B RC2 Cipher =item B RC4 Cipher =item B RC5 Cipher =back =head1 DETAILED COMMAND DESCRIPTION The following is a detailed description of every B I. =over 4 =item B B [B<-connect> IB<:>I] [B<-verify> I] [B<-cert> I] [B<-key> I] [B<-CApath> I] [B<-CAfile> I] [B<-reconnect>] [B<-pause>] [B<-debug>] [B<-nbio_test>] [B<-state>] [B<-nbio>] [B<-quiet>] [B<-ssl2>] [B<-ssl3>] [B<-tls1>] [B<-no_ssl2>] [B<-no_ssl3>] [B<-no_tls1>] [B<-bugs>] [B<-cipher>] The B command implements a generic SSL/TLS client which can establish a transparent connection to a remote I and I speaking SSL/TLS. =item B B [B<-accept> I] [B<-verify> I] [B<-Verify> I] [B<-cert> I] [B<-key> I] [B<-dcert> I] [B<-dkey> I] [B<-nbio>] [B<-nbio_test>] [B<-debug>] [B<-state>] [B<-CApath> I] [B<-CAfile> I] [B<-nocert>] [B<-cipher> I] [B<-quiet>] [B<-no_tmp_rsa>] [B<-ssl2>] [B<-ssl3>] [B<-tls1>] [B<-no_ssl2>] [B<-no_ssl3>] [B<-no_tls1>] [B<-bugs>] [B<-www>] [B<-WWW>] The B command implements a generic SSL/TLS server which accepts connections from remote clients on I speaking SSL/TLS. =back ... =head1 SEE ALSO crypto(3), ssl(3) =head1 HISTORY The openssl(3) document appeared in OpenSSL 0.9.2 =cut