Revision aa3b4b4d deps/openssl/openssl/doc/apps/s_server.pod
deps/openssl/openssl/doc/apps/s_server.pod | ||
---|---|---|
35 | 35 |
[B<-CAfile filename>] |
36 | 36 |
[B<-nocert>] |
37 | 37 |
[B<-cipher cipherlist>] |
38 |
[B<-serverpref>] |
|
38 | 39 |
[B<-quiet>] |
39 | 40 |
[B<-no_tmp_rsa>] |
40 | 41 |
[B<-ssl2>] |
... | ... | |
55 | 56 |
[B<-no_ticket>] |
56 | 57 |
[B<-id_prefix arg>] |
57 | 58 |
[B<-rand file(s)>] |
59 |
[B<-status>] |
|
60 |
[B<-status_verbose>] |
|
61 |
[B<-status_timeout nsec>] |
|
62 |
[B<-status_url url>] |
|
63 |
[B<-nextprotoneg protocols>] |
|
58 | 64 |
|
59 | 65 |
=head1 DESCRIPTION |
60 | 66 |
|
... | ... | |
150 | 156 |
client does not have to send one, with the B<-Verify> option the client |
151 | 157 |
must supply a certificate or an error occurs. |
152 | 158 |
|
159 |
If the ciphersuite cannot request a client certificate (for example an |
|
160 |
anonymous ciphersuite or PSK) this option has no effect. |
|
161 |
|
|
153 | 162 |
=item B<-crl_check>, B<-crl_check_all> |
154 | 163 |
|
155 | 164 |
Check the peer certificate has not been revoked by its CA. |
... | ... | |
231 | 240 |
the preference order, the order of the server cipherlist irrelevant. See |
232 | 241 |
the B<ciphers> command for more information. |
233 | 242 |
|
243 |
=item B<-serverpref> |
|
244 |
|
|
245 |
use the server's cipher preferences, rather than the client's preferences. |
|
246 |
|
|
234 | 247 |
=item B<-tlsextdebug> |
235 | 248 |
|
236 | 249 |
print out a hex dump of any TLS extensions received from the server. |
... | ... | |
282 | 295 |
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
283 | 296 |
all others. |
284 | 297 |
|
298 |
=item B<-status> |
|
299 |
|
|
300 |
enables certificate status request support (aka OCSP stapling). |
|
301 |
|
|
302 |
=item B<-status_verbose> |
|
303 |
|
|
304 |
enables certificate status request support (aka OCSP stapling) and gives |
|
305 |
a verbose printout of the OCSP response. |
|
306 |
|
|
307 |
=item B<-status_timeout nsec> |
|
308 |
|
|
309 |
sets the timeout for OCSP response to B<nsec> seconds. |
|
310 |
|
|
311 |
=item B<-status_url url> |
|
312 |
|
|
313 |
sets a fallback responder URL to use if no responder URL is present in the |
|
314 |
server certificate. Without this option an error is returned if the server |
|
315 |
certificate does not contain a responder address. |
|
316 |
|
|
317 |
=item B<-nextprotoneg protocols> |
|
318 |
|
|
319 |
enable Next Protocol Negotiation TLS extension and provide a |
|
320 |
comma-separated list of supported protocol names. |
|
321 |
The list should contain most wanted protocols first. |
|
322 |
Protocol names are printable ASCII strings, for example "http/1.1" or |
|
323 |
"spdy/3". |
|
324 |
|
|
285 | 325 |
=back |
286 | 326 |
|
287 | 327 |
=head1 CONNECTED COMMANDS |
Also available in: Unified diff