[B<-verify depth>]
[B<-Verify depth>]
[B<-cert filename>]
+[B<-certform DER|PEM>]
[B<-key keyfile>]
+[B<-keyform DER|PEM>]
+[B<-pass arg>]
[B<-dcert filename>]
+[B<-dcertform DER|PEM>]
[B<-dkey keyfile>]
+[B<-dkeyform DER|PEM>]
+[B<-dpass arg>]
[B<-dhparam filename>]
[B<-nbio>]
[B<-nbio_test>]
[B<-crlf>]
[B<-debug>]
+[B<-msg>]
[B<-state>]
[B<-CApath directory>]
[B<-CAfile filename>]
[B<-hack>]
[B<-www>]
[B<-WWW>]
+[B<-HTTP>]
[B<-engine id>]
+[B<-id_prefix arg>]
[B<-rand file(s)>]
=head1 DESCRIPTION
for example the DSS cipher suites require a certificate containing a DSS
(DSA) key. If not specified then the filename "server.pem" will be used.
+=item B<-certform format>
+
+The certificate format to use: DER or PEM. PEM is the default.
+
=item B<-key keyfile>
The private key to use. If not specified then the certificate file will
be used.
+=item B<-keyform format>
+
+The private format to use: DER or PEM. PEM is the default.
+
+=item B<-pass arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
=item B<-dcert filename>, B<-dkey keyname>
specify an additional certificate and private key, these behave in the
a server can support clients which only support RSA or DSS cipher suites
by using an appropriate certificate.
+=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
+
+addtional certificate and private key format and passphrase respectively.
+
=item B<-nocert>
if this option is set then no certificate is used. This restricts the
print extensive debugging information including a hex dump of all traffic.
+=item B<-msg>
+
+show all protocol messages with hex dump.
+
=item B<-nbio_test>
tests non blocking I/O
inhibit printing of session and certificate information.
+=item B<-psk_hint hint>
+
+Use the PSK identity hint B<hint> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
these options disable the use of certain SSL or TLS protocols. By default
current directory, for example if the URL https://myhost/page.html is
requested the file ./page.html will be loaded.
+=item B<-HTTP>
+
+emulates a simple web server. Pages will be resolved relative to the
+current directory, for example if the URL https://myhost/page.html is
+requested the file ./page.html will be loaded. The files loaded are
+assumed to contain a complete and correct HTTP response (lines that
+are part of the HTTP response line and headers must end with CRLF).
+
=item B<-engine id>
specifying an engine (by it's unique B<id> string) will cause B<s_server>
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+=item B<-id_prefix arg>
+
+generate SSL/TLS session IDs prefixed by B<arg>. This is mostly useful
+for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple
+servers, when each of which might be generating a unique range of session
+IDs (eg. with a certain prefix).
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
projects / openssl.git / blobdiff