Currently supported B<cmd> names for command lines (i.e. when the
flag B<SSL_CONF_CMDLINE> is set) are listed below. Note: all B<cmd> names
-and are case sensitive. Unless otherwise stated commands can be used by
+are case sensitive. Unless otherwise stated commands can be used by
both clients and servers and the B<value> parameter is not used. The default
prefix for command line commands is B<-> and that is reflected below.
signature algorithm or elliptic curve to use for an incoming connection.
Equivalent to B<SSL_OP_CIPHER_SERVER_PREFERENCE>. Only used by servers.
+=item B<-no_resumption_on_reneg>
+
+set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used by servers.
+
=item B<-legacyrenegotiation>
permits the use of unsafe legacy renegotiation. Equivalent to setting
are permitted. Note: if no B<-key> option is set then a private key is
not loaded: it does not currently use the B<Certificate> file.
+=item B<ServerInfoFile>
+
+Attempts to use the file B<value> in the "serverinfo" extension using the
+function SSL_CTX_use_serverinfo_file.
+
=item B<DHParameters>
Attempts to use the file B<value> as the set of temporary DH parameters for
to use for an incoming connection. Equivalent to
B<SSL_OP_CIPHER_SERVER_PREFERENCE>. Only used by servers.
+B<NoResumptionOnRenegotiation> set
+B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> flag. Only used by servers.
+
B<UnsafeLegacyRenegotiation> permits the use of unsafe legacy renegotiation.
Equivalent to B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>.
The value is a directory name.
+=back
+
=head1 NOTES
The order of operations is significant. This can be used to set either defaults
projects / openssl.git / blobdiff