X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fapps%2Fs_server.pod;h=8c15addde3512201901217e556b0ae627ff99c27;hp=5a0a11d4f01edaae19b09c126e56d6c35e4efbc9;hb=954b274789537ece74601179b4ff74512c12de51;hpb=45ecfb19731d0190aecdddc911c710571c50bd67 diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 5a0a11d4f0..8c15addde3 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -13,14 +13,21 @@ B B [B<-verify depth>] [B<-Verify depth>] [B<-cert filename>] +[B<-certform DER|PEM>] [B<-key keyfile>] +[B<-keyform DER|PEM>] +[B<-pass arg>] [B<-dcert filename>] +[B<-dcertform DER|PEM>] [B<-dkey keyfile>] +[B<-dkeyform DER|PEM>] +[B<-dpass arg>] [B<-dhparam filename>] [B<-nbio>] [B<-nbio_test>] [B<-crlf>] [B<-debug>] +[B<-msg>] [B<-state>] [B<-CApath directory>] [B<-CAfile filename>] @@ -39,7 +46,9 @@ B B [B<-hack>] [B<-www>] [B<-WWW>] +[B<-HTTP>] [B<-engine id>] +[B<-id_prefix arg>] [B<-rand file(s)>] =head1 DESCRIPTION @@ -67,11 +76,24 @@ certificate and some require a certificate with a certain public key type: for example the DSS cipher suites require a certificate containing a DSS (DSA) key. If not specified then the filename "server.pem" will be used. +=item B<-certform format> + +The certificate format to use: DER or PEM. PEM is the default. + =item B<-key keyfile> The private key to use. If not specified then the certificate file will be used. +=item B<-keyform format> + +The private format to use: DER or PEM. PEM is the default. + +=item B<-pass arg> + +the private key password source. For more information about the format of B +see the B section in L. + =item B<-dcert filename>, B<-dkey keyname> specify an additional certificate and private key, these behave in the @@ -83,6 +105,10 @@ and some a DSS (DSA) key. By using RSA and DSS certificates and keys a server can support clients which only support RSA or DSS cipher suites by using an appropriate certificate. +=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg> + +addtional certificate and private key format and passphrase respectively. + =item B<-nocert> if this option is set then no certificate is used. This restricts the @@ -135,6 +161,10 @@ prints out the SSL session states. print extensive debugging information including a hex dump of all traffic. +=item B<-msg> + +show all protocol messages with hex dump. + =item B<-nbio_test> tests non blocking I/O @@ -151,6 +181,16 @@ this option translated a line feed from the terminal into CR+LF. inhibit printing of session and certificate information. +=item B<-psk_hint hint> + +Use the PSK identity hint B when using a PSK cipher suite. + +=item B<-psk key> + +Use the PSK key B when using a PSK cipher suite. The key is +given as a hexadecimal number without leading 0x, for example -psk +1a2b3c4d. + =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> these options disable the use of certain SSL or TLS protocols. By default @@ -188,6 +228,14 @@ emulates a simple web server. Pages will be resolved relative to the current directory, for example if the URL https://myhost/page.html is requested the file ./page.html will be loaded. +=item B<-HTTP> + +emulates a simple web server. Pages will be resolved relative to the +current directory, for example if the URL https://myhost/page.html is +requested the file ./page.html will be loaded. The files loaded are +assumed to contain a complete and correct HTTP response (lines that +are part of the HTTP response line and headers must end with CRLF). + =item B<-engine id> specifying an engine (by it's unique B string) will cause B @@ -195,6 +243,13 @@ to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. +=item B<-id_prefix arg> + +generate SSL/TLS session IDs prefixed by B. This is mostly useful +for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple +servers, when each of which might be generating a unique range of session +IDs (eg. with a certain prefix). + =item B<-rand file(s)> a file or files containing random data used to seed the random number