projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add initial security framework docs.
[openssl.git]
/
doc
/
apps
/
ciphers.pod
diff --git
a/doc/apps/ciphers.pod
b/doc/apps/ciphers.pod
index 900f49542f0c365c4d89b1f0f0e89843c129d65c..8a1cf5add1f95d9f8dcf15d466c5bf833a0e4897 100644
(file)
--- a/
doc/apps/ciphers.pod
+++ b/
doc/apps/ciphers.pod
@@
-7,6
+7,7
@@
ciphers - SSL cipher display and cipher list tool.
=head1 SYNOPSIS
B<openssl> B<ciphers>
=head1 SYNOPSIS
B<openssl> B<ciphers>
+[B<-s>]
[B<-v>]
[B<-V>]
[B<-ssl2>]
[B<-v>]
[B<-V>]
[B<-ssl2>]
@@
-25,6
+26,12
@@
the appropriate cipherlist.
=over 4
=over 4
+=item B<-s>
+
+Only list supported ciphers: those consistent with the security level. This
+is the actual cipher list an application will support. If this option is
+not used then ciphers excluded by the security level will still be listed.
+
=item B<-v>
Verbose option. List ciphers with a complete description of
=item B<-v>
Verbose option. List ciphers with a complete description of
@@
-104,8
+111,11
@@
as a list of ciphers to be appended to the current preference list. If the
list includes any ciphers already present they will be ignored: that is they
will not moved to the end of the list.
list includes any ciphers already present they will be ignored: that is they
will not moved to the end of the list.
-Additionally the cipher string B<@STRENGTH> can be used at any point to sort
-the current cipher list in order of encryption algorithm key length.
+The cipher string B<@STRENGTH> can be used at any point to sort the current
+cipher list in order of encryption algorithm key length.
+
+The cipher string B<@SECLEVEL=n> can be used at any point to set the security
+level to B<n>.
=head1 CIPHER STRINGS
=head1 CIPHER STRINGS
@@
-585,6
+595,10
@@
encryption.
openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
+Set security level to 2 and display all ciphers consistent with level 2:
+
+ openssl ciphers -v 'ALL:@SECLEVEL=2'
+
=head1 SEE ALSO
L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
=head1 SEE ALSO
L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>