{- OpenSSL::safe::output_do_not_edit_headers(); -}
openssl-s_server - SSL/TLS server program
B<openssl> B<s_server>
[B<-certform> B<DER>|B<PEM>|B<P12>]
[B<-cert_chain> I<infile>]
[B<-serverinfo> I<val>]
[B<-key> I<filename>|I<uri>]
[B<-key2> I<filename>|I<uri>]
[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
[B<-dcertform> B<DER>|B<PEM>|B<P12>]
[B<-dcert_chain> I<infile>]
[B<-dkey> I<filename>|I<uri>]
[B<-dkeyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
[B<-msgfile> I<outfile>]
[B<-no_resume_ephemeral>]
[B<-http_server_binmode>]
[B<-ignore_unexpected_eof>]
[B<-servername_fatal>]
[B<-id_prefix> I<val>]
[B<-keymatexport> I<val>]
[B<-keymatexportlen> I<+int>]
[B<-CRLform> B<DER>|B<PEM>]
[B<-chainCAfile> I<infile>]
[B<-chainCApath> I<dir>]
[B<-chainCAstore> I<uri>]
[B<-verifyCAfile> I<infile>]
[B<-verifyCApath> I<dir>]
[B<-verifyCAstore> I<uri>]
[B<-verify_return_error>]
[B<-status_timeout> I<int>]
[B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>]
[B<-no_proxy> I<addresses>]
[B<-status_url> I<val>]
[B<-status_file> I<infile>]
[B<-ssl_config> I<val>]
[B<-security_debug_verbose>]
[B<-max_send_frag> I<+int>]
[B<-split_send_frag> I<+int>]
[B<-max_pipelines> I<+int>]
[B<-read_buf> I<+int>]
[B<-legacy_renegotiation>]
[B<-no_renegotiation>]
[B<-no_resumption_on_reneg>]
[B<-no_legacy_server_connect>]
[B<-allow_no_dhe_kex>]
[B<-prioritize_chacha>]
[B<-client_sigalgs> I<val>]
[B<-named_curve> I<val>]
[B<-ciphersuites> I<val>]
[B<-dhparam> I<infile>]
[B<-record_padding> I<val>]
[B<-debug_broken_protocol>]
[B<-psk_identity> I<val>]
[B<-psk_hint> I<val>]
[B<-psk_session> I<file>]
[B<-srpvfile> I<infile>]
[B<-srpuserseed> I<val>]
[B<-use_srtp> I<val>]
[B<-nextprotoneg> I<val>]
[B<-keylogfile> I<outfile>]
[B<-recv_max_early_data> I<int>]
[B<-max_early_data> I<int>]
{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_version_synopsis -}
{- $OpenSSL::safe::opt_v_synopsis -}
{- $OpenSSL::safe::opt_s_synopsis -}
{- $OpenSSL::safe::opt_x_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
This command implements a generic SSL/TLS server which
listens for connections on a given port using SSL/TLS.
In addition to the options below, this command also supports
the common and server-only options documented in
L<SSL_CONF_cmd(3)/Supported Command Line Commands>
Print out a usage message.
=item B<-port> I<+int>
The TCP port to listen on for connections. If not specified, 4433 is used.
=item B<-accept> I<val>
The optional TCP host and port to listen on for connections. If not specified, *:4433 is used.
=item B<-unix> I<val>
Unix domain socket to accept on.
For B<-unix>, unlink any existing socket first.
=item B<-context> I<val>
Sets the SSL context id. It can be given any string value. If this option
is not present a default value will be used.
=item B<-verify> I<int>, B<-Verify> I<int>
The verify depth to use. This specifies the maximum length of the
client certificate chain and makes the server request a certificate from
the client. With the B<-verify> option a certificate is requested but the
client does not have to send one; with the B<-Verify> option the client
must supply a certificate or an error occurs.
If the cipher suite cannot request a client certificate (for example an
anonymous cipher suite or PSK) this option has no effect.
=item B<-cert> I<infile>
The certificate to use. Most server cipher suites require the use of a
certificate and some require a certificate with a certain public key type:
for example the DSS cipher suites require a certificate containing a DSS
(DSA) key. If not specified then the filename F<server.pem> will be used.
=item B<-cert2> I<infile>
The certificate file to use for servername; default is F<server2.pem>.
=item B<-certform> B<DER>|B<PEM>|B<P12>
The server certificate file format; unspecified by default.
See L<openssl-format-options(1)> for details.
A file or URI of untrusted certificates to use when attempting to build the
certificate chain related to the certificate specified via the B<-cert> option.
The input can be in PEM, DER, or PKCS#12 format.
=item B<-build_chain>
Specify whether the application should build the server certificate chain to be
provided to the client.
=item B<-serverinfo> I<val>
A file containing one or more blocks of PEM data. Each PEM block
must encode a TLS ServerHello extension (2 bytes type, 2 bytes length,
followed by "length" bytes of extension data). If the client sends
an empty TLS ClientHello extension matching the type, the corresponding
ServerHello extension will be returned.
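As an added illustration (not part of the OpenSSL manual or source), the following Python builds and checks a B<-serverinfo> file in the layout described above: each PEM block carries one raw extension as a 2-byte type, a 2-byte length and "length" bytes of data, all big-endian. The PEM label prefix C<SERVERINFO FOR > is the one OpenSSL's serverinfo v1 loader expects; the extension type and data used in the sample are constructed values, not a registered extension.

```python
import base64
import struct

# Label prefix OpenSSL's serverinfo v1 file loader accepts; the name after
# "FOR" is free text used only to identify the block.
PEM_PREFIX = "SERVERINFO FOR "


def encode_extension(ext_type: int, data: bytes) -> bytes:
    """Serialize one ServerHello extension: type(2) | length(2) | data."""
    if not 0 <= ext_type <= 0xFFFF:
        raise ValueError("extension type must fit in 2 bytes")
    if len(data) > 0xFFFF:
        raise ValueError("extension data must fit in a 2-byte length")
    return struct.pack("!HH", ext_type, len(data)) + data


def to_pem(name: str, blob: bytes) -> str:
    """Wrap a binary extension in one PEM block with the serverinfo label."""
    b64 = base64.b64encode(blob).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return (f"-----BEGIN {PEM_PREFIX}{name}-----\n"
            + "\n".join(lines) + "\n"
            + f"-----END {PEM_PREFIX}{name}-----\n")


def build_serverinfo_file(entries) -> str:
    """entries: iterable of (name, ext_type, data) -> full file text."""
    return "".join(to_pem(n, encode_extension(t, d)) for n, t, d in entries)


def parse_serverinfo(pem_text: str) -> list:
    """Return [(name, ext_type, data), ...], rejecting malformed blocks
    (wrong label, header shorter than 4 bytes, length field not matching
    the actual payload) the way a strict loader should."""
    result, name, buf = [], None, []
    for line in pem_text.splitlines():
        line = line.strip()
        if line.startswith("-----BEGIN "):
            label = line[len("-----BEGIN "):-5]
            if not label.startswith(PEM_PREFIX):
                raise ValueError(f"unexpected PEM label {label!r}")
            name, buf = label[len(PEM_PREFIX):], []
        elif line.startswith("-----END "):
            if name is None:
                raise ValueError("END marker without BEGIN")
            blob = base64.b64decode("".join(buf))
            if len(blob) < 4:
                raise ValueError("block shorter than the 4-byte header")
            ext_type, length = struct.unpack("!HH", blob[:4])
            if len(blob) != 4 + length:
                raise ValueError(f"length field {length} does not match "
                                 f"{len(blob) - 4} data bytes")
            result.append((name, ext_type, blob[4:]))
            name = None
        elif name is not None and line:
            buf.append(line)
    if name is not None:
        raise ValueError("unterminated PEM block")
    return result


# Constructed sample: extension type 0xFF01 with an arbitrary payload.
SAMPLE_ENTRIES = [("demo", 0xFF01, b"constructed extension payload")]

if __name__ == "__main__":
    text = build_serverinfo_file(SAMPLE_ENTRIES)
    print(text, end="")
    print(parse_serverinfo(text))
```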
=item B<-key> I<filename>|I<uri>
The private key to use. If not specified then the certificate file will
=item B<-key2> I<filename>|I<uri>
The private key file to use for servername if not given via B<-cert2>.
=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
The key format; unspecified by default.
See L<openssl-format-options(1)> for details.
=item B<-pass> I<val>
The private key and certificate file password source.
For more information about the format of I<val>,
see L<openssl-passphrase-options(1)>.
=item B<-dcert> I<infile>, B<-dkey> I<filename>|I<uri>
Specify an additional certificate and private key. These behave in the
same manner as the B<-cert> and B<-key> options except there is no default
if they are not specified (no additional certificate and key is used). As
noted above, some cipher suites require a certificate containing a key of
a certain type. Some cipher suites need a certificate carrying an RSA key
and some a DSS (DSA) key. By using RSA and DSS certificates and keys
a server can support clients which only support RSA or DSS cipher suites
by using an appropriate certificate.
=item B<-dcert_chain>
A file or URI of untrusted certificates to use when attempting to build the
server certificate chain when a certificate specified via the B<-dcert> option
The input can be in PEM, DER, or PKCS#12 format.
=item B<-dcertform> B<DER>|B<PEM>|B<P12>
The format of the additional certificate file; unspecified by default.
See L<openssl-format-options(1)> for details.
=item B<-dkeyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
The format of the additional private key; unspecified by default.
See L<openssl-format-options(1)> for details.
=item B<-dpass> I<val>
The passphrase for the additional private key and certificate.
For more information about the format of I<val>,
see L<openssl-passphrase-options(1)>.
Tests non-blocking I/O.
This option translates a line feed from the terminal into CR+LF.
Print extensive debugging information including a hex dump of all traffic.
=item B<-security_debug>
Print output from the SSL/TLS security framework.
=item B<-security_debug_verbose>
Print more output from the SSL/TLS security framework.
Show all protocol messages with hex dump.
=item B<-msgfile> I<outfile>
File to send output of B<-msg> or B<-trace> to; default is standard output.
Prints the SSL session states.
=item B<-CRL> I<infile>
=item B<-CRLform> B<DER>|B<PEM>
The CRL file format; unspecified by default.
See L<openssl-format-options(1)> for details.
=item B<-crl_download>
Download CRLs from distribution points given in CDP extensions of certificates.
=item B<-verifyCAfile> I<filename>
A file in PEM format containing trusted CA certificates to use
for verifying client certificates.
=item B<-verifyCApath> I<dir>
A directory containing trusted certificates to use
for verifying client certificates.
This directory must be in "hash format";
see L<openssl-verify(1)> for more information.
=item B<-verifyCAstore> I<uri>
The URI of a store containing trusted certificates to use
for verifying client certificates.
=item B<-chainCAfile> I<file>
A file in PEM format containing trusted certificates to use
when attempting to build the server certificate chain.
=item B<-chainCApath> I<dir>
A directory containing trusted certificates to use
for building the server certificate chain provided to the client.
This directory must be in "hash format";
see L<openssl-verify(1)> for more information.
=item B<-chainCAstore> I<uri>
The URI of a store containing trusted certificates to use
for building the server certificate chain provided to the client.
The URI may indicate a single certificate, as well as a collection of them.
With URIs in the C<file:> scheme, this acts as B<-chainCAfile> or
B<-chainCApath>, depending on whether the URI indicates a directory or a
See L<ossl_store-file(7)> for more information on the C<file:> scheme.
If this option is set then no certificate is used. This restricts the
cipher suites available to the anonymous ones (currently just anonymous
Inhibit printing of session and certificate information.
=item B<-no_resume_ephemeral>
Disable caching and tickets if ephemeral (EC)DH is used.
=item B<-tlsextdebug>
Print a hex dump of any TLS extensions received from the server.
Sends a status message back to the client when it connects. This includes
information about the ciphers used and various session parameters.
The output is in HTML format so this option can be used with a web browser.
The special URL C</renegcert> turns on client cert validation, and C</reneg>
tells the server to request renegotiation.
The B<-early_data> option cannot be used with this option.
=item B<-WWW>, B<-HTTP>
Emulates a simple web server. Pages will be resolved relative to the
current directory; for example, if the URL C<https://myhost/page.html> is
requested the file F<./page.html> will be sent.
If the B<-HTTP> flag is used, the files are sent directly, and should contain
any HTTP response headers (including the status response line).
If the B<-WWW> option is used,
the response headers are generated by the server, and the file extension is
examined to determine the B<Content-Type> header.
Extensions of C<html>, C<htm>, and C<php> are C<text/html> and all others are
In addition, the special URL C</stats> will return status
information like the B<-www> option.
Neither of these options can be used in conjunction with B<-early_data>.
=item B<-http_server_binmode>
When acting as a web server (using option B<-WWW> or B<-HTTP>), open files requested
by the client in binary mode.
=item B<-no_ca_names>
Disable the TLS CA Names extension. You may want to disable it for security reasons
or for compatibility with some Windows TLS implementations that crash when this
extension is larger than 1024 bytes.
=item B<-ignore_unexpected_eof>
Some TLS implementations do not send the mandatory close_notify alert on
shutdown. If the application tries to wait for the close_notify alert but the
peer closes the connection without sending it, an error is generated. When this
option is enabled the peer does not need to send the close_notify alert and a
closed connection will be treated as if the close_notify alert was received.
For more information on shutting down a connection, see L<SSL_shutdown(3)>.
Servername for the HostName TLS extension.
=item B<-servername_fatal>
On servername mismatch, send a fatal alert (default: warning alert).
=item B<-id_prefix> I<val>
Generate SSL/TLS session IDs prefixed by I<val>. This is mostly useful
for testing any SSL/TLS code (e.g. proxies) that wishes to deal with multiple
servers, where each of them might be generating a unique range of session
IDs (e.g. with a certain prefix).
=item B<-keymatexport>
Export keying material using the given label.
=item B<-keymatexportlen>
Export the given number of bytes of keying material; default 20.
Disable session cache.
Disable internal cache; set up and use an external cache.
=item B<-verify_return_error>
Verification errors normally just print a message but allow the
connection to continue, for debugging purposes.
If this option is used, then verification errors close the connection.
=item B<-verify_quiet>
No verify output except verify errors.
Ignore input EOF (default: when B<-quiet>).
Do not ignore input EOF.
Disable Encrypt-then-MAC negotiation.
Disable Extended Master Secret negotiation.
Enables certificate status request support (aka OCSP stapling).
=item B<-status_verbose>
Enables certificate status request support (aka OCSP stapling) and gives
a verbose printout of the OCSP response.
=item B<-status_timeout> I<int>
Sets the timeout for the OCSP response to I<int> seconds.
=item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>
The HTTP(S) proxy server to use for reaching the OCSP server unless B<-no_proxy>
The proxy port defaults to 80, or 443 if the scheme is C<https>; apart from that
the optional C<http://> or C<https://> prefix is ignored,
as well as any userinfo and path components.
Defaults to the environment variable C<http_proxy> if set, else C<HTTP_PROXY>
in case no TLS is used, otherwise C<https_proxy> if set, else C<HTTPS_PROXY>.
=item B<-no_proxy> I<addresses>
List of IP addresses and/or DNS names of servers
not to use an HTTP(S) proxy for, separated by commas and/or whitespace
(where in the latter case the whole argument must be enclosed in "...").
Default is from the environment variable C<no_proxy> if set, else C<NO_PROXY>.
=item B<-status_url> I<val>
Sets a fallback responder URL to use if no responder URL is present in the
server certificate. Without this option an error is returned if the server
certificate does not contain a responder address.
The optional userinfo and fragment URL components are ignored.
Any given query component is handled as part of the path component.
=item B<-status_file> I<infile>
Overrides any OCSP responder URLs from the certificate and always provides the
OCSP response stored in the file. The file must be in DER format.
=item B<-ssl_config> I<val>
Configure SSL_CTX using the given configuration value.
Show verbose trace output of protocol messages.
Provide a brief summary of connection parameters instead of the normal verbose
Simple echo server that sends back received text reversed. Also sets B<-brief>.
Cannot be used in conjunction with B<-early_data>.
Switch on asynchronous mode. Cryptographic operations will be performed
asynchronously. This will only have an effect if an asynchronous-capable engine
is also used via the B<-engine> option. For test purposes the dummy async engine
(dasync) can be used (if available).
=item B<-max_send_frag> I<+int>
The maximum size of data fragment to send.
See L<SSL_CTX_set_max_send_fragment(3)> for further information.
=item B<-split_send_frag> I<+int>
The size used to split data for encrypt pipelines. If more data is written in
one go than this value then it will be split into multiple pipelines, up to the
maximum number of pipelines defined by max_pipelines. This only has an effect if
a suitable cipher suite has been negotiated, an engine that supports pipelining
has been loaded, and max_pipelines is greater than 1. See
L<SSL_CTX_set_split_send_fragment(3)> for further information.
=item B<-max_pipelines> I<+int>
The maximum number of encrypt/decrypt pipelines to be used. This will only have
an effect if an engine has been loaded that supports pipelining (e.g. the dasync
engine) and a suitable cipher suite has been negotiated. The default value is 1.
See L<SSL_CTX_set_max_pipelines(3)> for further information.
=item B<-naccept> I<+int>
The server will exit after receiving the specified number of connections,
=item B<-read_buf> I<+int>
The default read buffer size to be used for connections. This will only have an
effect if the buffer size is larger than the size that would otherwise be used
and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
further information).
There are several known bugs in SSL and TLS implementations. Adding this
option enables various workarounds.
Disable negotiation of TLS compression.
TLS compression is not recommended and is off by default as of
Enable negotiation of TLS compression.
This option was introduced in OpenSSL 1.1.0.
TLS compression is not recommended and is off by default as of
Disable RFC4507bis session ticket support. This option has no effect if TLSv1.3
is negotiated. See B<-num_tickets>.
=item B<-num_tickets>
Control the number of tickets that will be sent to the client after a full
handshake in TLSv1.3. The default number of tickets is 2. This option does not
affect the number of tickets sent after a resumption handshake.
Use the server's cipher preferences, rather than the client's preferences.
=item B<-prioritize_chacha>
Prioritize ChaCha ciphers when preferred by clients. Requires B<-serverpref>.
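The following Python, added here as an illustration and not OpenSSL's own code, models the selection rule the manual describes for B<-cipher>, B<-serverpref> and B<-prioritize_chacha>: without B<-serverpref> the client's order decides, with it the server's order decides, and with B<-prioritize_chacha> the server's ChaCha20 suites are moved to the front only when the client's first choice is a ChaCha20 suite. The cipher names are ordinary TLSv1.2 suite names; the lists are constructed for the demonstration.

```python
def _is_chacha(cipher: str) -> bool:
    """True for ChaCha20-Poly1305 suites (OpenSSL names contain CHACHA20)."""
    return "CHACHA20" in cipher.upper()


def select_cipher(client_prefs, server_prefs, serverpref=False,
                  prioritize_chacha=False):
    """Return the cipher s_server would pick from the client's offer, or
    None when the two lists share nothing (handshake failure)."""
    if prioritize_chacha and not serverpref:
        # the manual states -prioritize_chacha requires -serverpref
        raise ValueError("-prioritize_chacha requires -serverpref")
    common = set(client_prefs) & set(server_prefs)
    if not common:
        return None
    if not serverpref:
        # Client preference wins: first client cipher also in the server list.
        return next(c for c in client_prefs if c in common)
    order = list(server_prefs)
    if prioritize_chacha and client_prefs and _is_chacha(client_prefs[0]):
        # Client's top choice is ChaCha20 (typically a device without AES
        # hardware): temporarily move the server's ChaCha20 suites to the top.
        order = ([c for c in order if _is_chacha(c)]
                 + [c for c in order if not _is_chacha(c)])
    return next(c for c in order if c in common)


# Constructed preference lists for the demonstration.
SERVER = ["ECDHE-RSA-AES256-GCM-SHA384",
          "ECDHE-RSA-AES128-GCM-SHA256",
          "ECDHE-RSA-CHACHA20-POLY1305"]
MOBILE_CLIENT = ["ECDHE-RSA-CHACHA20-POLY1305",
                 "ECDHE-RSA-AES128-GCM-SHA256"]
DESKTOP_CLIENT = ["ECDHE-RSA-AES128-GCM-SHA256",
                  "ECDHE-RSA-CHACHA20-POLY1305",
                  "ECDHE-RSA-AES256-GCM-SHA384"]

if __name__ == "__main__":
    for name, client in (("mobile", MOBILE_CLIENT), ("desktop", DESKTOP_CLIENT)):
        print(name, "client order:",
              select_cipher(client, SERVER))
        print(name, "-serverpref:",
              select_cipher(client, SERVER, serverpref=True))
        print(name, "-serverpref -prioritize_chacha:",
              select_cipher(client, SERVER, serverpref=True,
                            prioritize_chacha=True))
```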
=item B<-no_resumption_on_reneg>
Set the B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> option.
=item B<-client_sigalgs> I<val>
Signature algorithms to support for client certificate authentication
(colon-separated list).
=item B<-named_curve> I<val>
Specifies the elliptic curve to use. NOTE: this is a single curve, not a list.
For a list of all possible curves, use:
 $ openssl ecparam -list_curves
=item B<-cipher> I<val>
This allows the list of TLSv1.2 and below ciphersuites used by the server to be
modified. This list is combined with any TLSv1.3 ciphersuites that have been
configured. When the client sends a list of supported ciphers the first client
cipher also included in the server list is used. Because the client specifies
the preference order, the order of the server cipherlist is irrelevant. See
L<openssl-ciphers(1)> for more information.
=item B<-ciphersuites> I<val>
This allows the list of TLSv1.3 ciphersuites used by the server to be modified.
This list is combined with any TLSv1.2 and below ciphersuites that have been
configured. When the client sends a list of supported ciphers the first client
cipher also included in the server list is used. Because the client specifies
the preference order, the order of the server cipherlist is irrelevant. See
L<openssl-ciphers(1)> for more information. The format for this list is
a simple colon (":") separated list of TLSv1.3 ciphersuite names.
=item B<-dhparam> I<infile>
The DH parameter file to use. The ephemeral DH cipher suites generate keys
using a set of DH parameters. If not specified then an attempt is made to
load the parameters from the server certificate file.
If this fails then a static set of parameters hard coded into this command
Turns on non-blocking I/O.
=item B<-psk_identity> I<val>
Expect the client to send PSK identity I<val> when using a PSK
cipher suite, and warn if they do not. By default, the expected PSK
identity is the string "Client_identity".
=item B<-psk_hint> I<val>
Use the PSK identity hint I<val> when using a PSK cipher suite.
Use the PSK key I<val> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
This option must be provided in order to use a PSK cipher.
=item B<-psk_session> I<file>
Use the PEM-encoded SSL_SESSION data stored in I<file> as the basis of a PSK.
Note that this will only work if TLSv1.3 is negotiated.
The verifier file for SRP.
This option is deprecated.
=item B<-srpuserseed>
A seed string for a default user salt.
This option is deprecated.
This option can only be used in conjunction with one of the DTLS options above.
With this option, this command will listen on a UDP port for incoming
Any ClientHellos that arrive will be checked to see if they have a cookie in
Any without a cookie will be responded to with a HelloVerifyRequest.
If a ClientHello with a cookie is received then this command will
connect to that peer and complete the handshake.
Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in
conjunction with B<-dtls>, B<-dtls1> or B<-dtls1_2>. This option is only
available where OpenSSL has support for SCTP enabled.
=item B<-sctp_label_bug>
Use the incorrect behaviour of older OpenSSL implementations when computing
endpoint-pair shared secrets for DTLS/SCTP. This allows communication with
older broken implementations but breaks interoperability with correct
implementations. Must be used in conjunction with B<-sctp>. This option is only
available where OpenSSL has support for SCTP enabled.
Offer SRTP key management with a colon-separated profile list.
If this option is set then no DH parameters will be loaded, effectively
disabling the ephemeral DH cipher suites.
=item B<-alpn> I<val>, B<-nextprotoneg> I<val>
These flags enable the Application-Layer Protocol Negotiation
or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
IETF standard and replaces NPN.
The I<val> list is a comma-separated list of supported protocol
names. The list should contain the most desirable protocols first.
Protocol names are printable ASCII strings, for example "http/1.1" or
The flag B<-nextprotoneg> cannot be specified if B<-tls1_3> is used.
Enable Kernel TLS for sending and receiving.
This option was introduced in OpenSSL 3.1.0.
Kernel TLS is off by default as of OpenSSL 3.1.0.
If this option is set and KTLS is enabled, SSL_sendfile() will be used
instead of BIO_write() to send the HTTP response requested by a client.
This option is only valid when B<-ktls> along with B<-WWW> or B<-HTTP>
=item B<-keylogfile> I<outfile>
Appends TLS secrets to the specified keylog file such that external programs
(like Wireshark) can decrypt TLS connections.
=item B<-max_early_data> I<int>
Change the default maximum early data bytes that are specified for new sessions
and any incoming early data (when used in conjunction with the B<-early_data>
flag). The default value is approximately 16k. The argument must be an integer
greater than or equal to 0.
=item B<-recv_max_early_data> I<int>
Specify the hard limit on the maximum number of early data bytes that will
Accept early data where possible. Cannot be used in conjunction with B<-www>,
B<-WWW>, B<-HTTP> or B<-rev>.
Require TLSv1.3 cookies.
=item B<-anti_replay>, B<-no_anti_replay>
Switches replay protection on or off, respectively. Replay protection is on by
default unless overridden by a configuration file. When it is on, OpenSSL will
automatically detect if a session ticket has been used more than once, TLSv1.3
has been negotiated, and early data is enabled on the server. A full handshake
is forced if a session ticket is used a second or subsequent time. Any early
data that was sent will be rejected.
{- $OpenSSL::safe::opt_name_item -}
{- $OpenSSL::safe::opt_version_item -}
{- $OpenSSL::safe::opt_s_item -}
{- $OpenSSL::safe::opt_x_item -}
{- $OpenSSL::safe::opt_trust_item -}
{- $OpenSSL::safe::opt_r_item -}
{- $OpenSSL::safe::opt_engine_item -}
{- $OpenSSL::safe::opt_provider_item -}
{- $OpenSSL::safe::opt_v_item -}
If the server requests a client certificate, then
verification errors are displayed, for debugging, but the command will
proceed unless the B<-verify_return_error> option is used.
=head1 CONNECTED COMMANDS
If a connection request is established with an SSL client and neither the
B<-www> nor the B<-WWW> option has been used then normally any data received
from the client is displayed and any key presses will be sent to the client.
Certain commands are also recognized which perform special operations. These
commands are a letter which must appear at the start of a line. They are listed
End the current SSL connection but still accept new connections.
End the current SSL connection and exit.
Renegotiate the SSL session (TLSv1.2 and below only).
Renegotiate the SSL session and request a client certificate (TLSv1.2 and below
Send some plain text down the underlying TCP connection: this should
cause the client to disconnect due to a protocol violation.
Print out some session cache status information.
Send a key update message to the client (TLSv1.3 only).
Send a key update message to the client and request one back (TLSv1.3 only).
Send a certificate request to the client (TLSv1.3 only).
This command can be used to debug SSL clients. To accept connections
from a web browser the command:
 openssl s_server -accept 443 -www
can be used for example.
Although specifying an empty list of CAs when requesting a client certificate
is strictly speaking a protocol violation, some SSL clients interpret this to
mean any CA is acceptable. This is useful for debugging purposes.
The session parameters can be printed out using the L<openssl-sess_id(1)> command.
Because this program has a lot of options and also because some of the
techniques used are rather old, the C source for this command is rather
hard to read and not a model of how things should be done.
A typical SSL server program would be much simpler.
The output of common ciphers is wrong: it just gives the list of ciphers that
OpenSSL recognizes and the client supports.
There should be a way for this command to print out details
of any unknown cipher suites a client says it supports.
L<openssl-sess_id(1)>,
L<openssl-s_client(1)>,
L<openssl-ciphers(1)>,
L<SSL_CTX_set_max_send_fragment(3)>,
L<SSL_CTX_set_split_send_fragment(3)>,
L<SSL_CTX_set_max_pipelines(3)>,
L<ossl_store-file(7)>
The B<-no_alt_chains> option was added in OpenSSL 1.1.0.
The B<-allow_no_dhe_kex> and B<-prioritize_chacha> options were added in OpenSSL 1.1.1.
The B<-srpvfile>, B<-srpuserseed>, and B<-engine>
options were deprecated in OpenSSL 3.0.
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.