Revision aa3b4b4d deps/openssl/openssl/doc/apps/s_server.pod
| deps/openssl/openssl/doc/apps/s_server.pod | ||
|---|---|---|
| 35 | 35 |
[B<-CAfile filename>] |
| 36 | 36 |
[B<-nocert>] |
| 37 | 37 |
[B<-cipher cipherlist>] |
| 38 |
[B<-serverpref>] |
|
| 38 | 39 |
[B<-quiet>] |
| 39 | 40 |
[B<-no_tmp_rsa>] |
| 40 | 41 |
[B<-ssl2>] |
| ... | ... | |
| 55 | 56 |
[B<-no_ticket>] |
| 56 | 57 |
[B<-id_prefix arg>] |
| 57 | 58 |
[B<-rand file(s)>] |
| 59 |
[B<-status>] |
|
| 60 |
[B<-status_verbose>] |
|
| 61 |
[B<-status_timeout nsec>] |
|
| 62 |
[B<-status_url url>] |
|
| 63 |
[B<-nextprotoneg protocols>] |
|
| 58 | 64 |
|
| 59 | 65 |
=head1 DESCRIPTION |
| 60 | 66 |
|
| ... | ... | |
| 150 | 156 |
client does not have to send one, with the B<-Verify> option the client |
| 151 | 157 |
must supply a certificate or an error occurs. |
| 152 | 158 |
|
| 159 |
If the ciphersuite cannot request a client certificate (for example an |
|
| 160 |
anonymous ciphersuite or PSK) this option has no effect. |
|
| 161 |
|
|
| 153 | 162 |
=item B<-crl_check>, B<-crl_check_all> |
| 154 | 163 |
|
| 155 | 164 |
Check the peer certificate has not been revoked by its CA. |
| ... | ... | |
| 231 | 240 |
the preference order, the order of the server cipherlist irrelevant. See |
| 232 | 241 |
the B<ciphers> command for more information. |
| 233 | 242 |
|
| 243 |
=item B<-serverpref> |
|
| 244 |
|
|
| 245 |
use the server's cipher preferences, rather than the client's preferences. |
|
| 246 |
|
|
| 234 | 247 |
=item B<-tlsextdebug> |
| 235 | 248 |
|
| 236 | 249 |
print out a hex dump of any TLS extensions received from the server. |
| ... | ... | |
| 282 | 295 |
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
| 283 | 296 |
all others. |
| 284 | 297 |
|
| 298 |
=item B<-status> |
|
| 299 |
|
|
| 300 |
enables certificate status request support (aka OCSP stapling). |
|
| 301 |
|
|
| 302 |
=item B<-status_verbose> |
|
| 303 |
|
|
| 304 |
enables certificate status request support (aka OCSP stapling) and gives |
|
| 305 |
a verbose printout of the OCSP response. |
|
| 306 |
|
|
| 307 |
=item B<-status_timeout nsec> |
|
| 308 |
|
|
| 309 |
sets the timeout for OCSP response to B<nsec> seconds. |
|
| 310 |
|
|
| 311 |
=item B<-status_url url> |
|
| 312 |
|
|
| 313 |
sets a fallback responder URL to use if no responder URL is present in the |
|
| 314 |
server certificate. Without this option an error is returned if the server |
|
| 315 |
certificate does not contain a responder address. |
|
| 316 |
|
|
| 317 |
=item B<-nextprotoneg protocols> |
|
| 318 |
|
|
| 319 |
enable Next Protocol Negotiation TLS extension and provide a |
|
| 320 |
comma-separated list of supported protocol names. |
|
| 321 |
The list should contain most wanted protocols first. |
|
| 322 |
Protocol names are printable ASCII strings, for example "http/1.1" or |
|
| 323 |
"spdy/3". |
|
| 324 |
|
|
| 285 | 325 |
=back |
| 286 | 326 |
|
| 287 | 327 |
=head1 CONNECTED COMMANDS |
Also available in: Unified diff