Lines Matching +full:srp +full:- +full:capable

2 {- OpenSSL::safe::output_do_not_edit_headers(); -}
6 openssl-s_server - SSL/TLS server program
11 [B<-help>]
12 [B<-port> I<+int>]
13 [B<-accept> I<val>]
14 [B<-unix> I<val>]
15 [B<-4>]
16 [B<-6>]
17 [B<-unlink>]
18 [B<-context> I<val>]
19 [B<-verify> I<int>]
20 [B<-Verify> I<int>]
21 [B<-cert> I<infile>]
22 [B<-cert2> I<infile>]
23 [B<-certform> B<DER>|B<PEM>|B<P12>]
24 [B<-cert_chain> I<infile>]
25 [B<-build_chain>]
26 [B<-serverinfo> I<val>]
27 [B<-key> I<filename>|I<uri>]
28 [B<-key2> I<filename>|I<uri>]
29 [B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
30 [B<-pass> I<val>]
31 [B<-dcert> I<infile>]
32 [B<-dcertform> B<DER>|B<PEM>|B<P12>]
33 [B<-dcert_chain> I<infile>]
34 [B<-dkey> I<filename>|I<uri>]
35 [B<-dkeyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
36 [B<-dpass> I<val>]
37 [B<-nbio_test>]
38 [B<-crlf>]
39 [B<-debug>]
40 [B<-msg>]
41 [B<-msgfile> I<outfile>]
42 [B<-state>]
43 [B<-nocert>]
44 [B<-quiet>]
45 [B<-no_resume_ephemeral>]
46 [B<-www>]
47 [B<-WWW>]
48 [B<-http_server_binmode>]
49 [B<-no_ca_names>]
50 [B<-ignore_unexpected_eof>]
51 [B<-servername>]
52 [B<-servername_fatal>]
53 [B<-tlsextdebug>]
54 [B<-HTTP>]
55 [B<-id_prefix> I<val>]
56 [B<-keymatexport> I<val>]
57 [B<-keymatexportlen> I<+int>]
58 [B<-CRL> I<infile>]
59 [B<-CRLform> B<DER>|B<PEM>]
60 [B<-crl_download>]
61 [B<-chainCAfile> I<infile>]
62 [B<-chainCApath> I<dir>]
63 [B<-chainCAstore> I<uri>]
64 [B<-verifyCAfile> I<infile>]
65 [B<-verifyCApath> I<dir>]
66 [B<-verifyCAstore> I<uri>]
67 [B<-no_cache>]
68 [B<-ext_cache>]
69 [B<-verify_return_error>]
70 [B<-verify_quiet>]
71 [B<-ign_eof>]
72 [B<-no_ign_eof>]
73 [B<-no_etm>]
74 [B<-status>]
75 [B<-status_verbose>]
76 [B<-status_timeout> I<int>]
77 [B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>]
78 [B<-no_proxy> I<addresses>]
79 [B<-status_url> I<val>]
80 [B<-status_file> I<infile>]
81 [B<-ssl_config> I<val>]
82 [B<-trace>]
83 [B<-security_debug>]
84 [B<-security_debug_verbose>]
85 [B<-brief>]
86 [B<-rev>]
87 [B<-async>]
88 [B<-max_send_frag> I<+int>]
89 [B<-split_send_frag> I<+int>]
90 [B<-max_pipelines> I<+int>]
91 [B<-naccept> I<+int>]
92 [B<-read_buf> I<+int>]
93 [B<-bugs>]
94 [B<-no_comp>]
95 [B<-comp>]
96 [B<-no_ticket>]
97 [B<-serverpref>]
98 [B<-legacy_renegotiation>]
99 [B<-no_renegotiation>]
100 [B<-no_resumption_on_reneg>]
101 [B<-allow_no_dhe_kex>]
102 [B<-prioritize_chacha>]
103 [B<-strict>]
104 [B<-sigalgs> I<val>]
105 [B<-client_sigalgs> I<val>]
106 [B<-groups> I<val>]
107 [B<-curves> I<val>]
108 [B<-named_curve> I<val>]
109 [B<-cipher> I<val>]
110 [B<-ciphersuites> I<val>]
111 [B<-dhparam> I<infile>]
112 [B<-record_padding> I<val>]
113 [B<-debug_broken_protocol>]
114 [B<-nbio>]
115 [B<-psk_identity> I<val>]
116 [B<-psk_hint> I<val>]
117 [B<-psk> I<val>]
118 [B<-psk_session> I<file>]
119 [B<-srpvfile> I<infile>]
120 [B<-srpuserseed> I<val>]
121 [B<-timeout>]
122 [B<-mtu> I<+int>]
123 [B<-listen>]
124 [B<-sctp>]
125 [B<-sctp_label_bug>]
126 [B<-use_srtp> I<val>]
127 [B<-no_dhe>]
128 [B<-nextprotoneg> I<val>]
129 [B<-alpn> I<val>]
130 [B<-sendfile>]
131 [B<-keylogfile> I<outfile>]
132 [B<-recv_max_early_data> I<int>]
133 [B<-max_early_data> I<int>]
134 [B<-early_data>]
135 [B<-stateless>]
136 [B<-anti_replay>]
137 [B<-no_anti_replay>]
138 [B<-num_tickets>]
139 {- $OpenSSL::safe::opt_name_synopsis -}
140 {- $OpenSSL::safe::opt_version_synopsis -}
141 {- $OpenSSL::safe::opt_v_synopsis -}
142 {- $OpenSSL::safe::opt_s_synopsis -}
143 {- $OpenSSL::safe::opt_x_synopsis -}
144 {- $OpenSSL::safe::opt_trust_synopsis -}
145 {- $OpenSSL::safe::opt_r_synopsis -}
146 {- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
161 =item B<-help>
165 =item B<-port> I<+int>
169 =item B<-accept> I<val>
173 =item B<-unix> I<val>
177 =item B<-4>
181 =item B<-6>
185 =item B<-unlink>
187 For -unix, unlink any existing socket first.
189 =item B<-context> I<val>
194 =item B<-verify> I<int>, B<-Verify> I<int>
198 the client. With the B<-verify> option a certificate is requested but the
199 client does not have to send one, with the B<-Verify> option the client
207 For details see L<openssl-verification-options(1)/Certificate Extensions>.
209 =item B<-cert> I<infile>
216 =item B<-cert2> I<infile>
220 =item B<-certform> B<DER>|B<PEM>|B<P12>
223 See L<openssl-format-options(1)> for details.
225 =item B<-cert_chain>
228 certificate chain related to the certificate specified via the B<-cert> option.
231 =item B<-build_chain>
236 =item B<-serverinfo> I<val>
244 =item B<-key> I<filename>|I<uri>
249 =item B<-key2> I<filename>|I<uri>
251 The private Key file to use for servername if not given via B<-cert2>.
253 =item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
256 See L<openssl-format-options(1)> for details.
258 =item B<-pass> I<val>
262 see L<openssl-passphrase-options(1)>.
264 =item B<-dcert> I<infile>, B<-dkey> I<filename>|I<uri>
267 same manner as the B<-cert> and B<-key> options except there is no default
275 =item B<-dcert_chain>
278 server certificate chain when a certificate specified via the B<-dcert> option
282 =item B<-dcertform> B<DER>|B<PEM>|B<P12>
285 See L<openssl-format-options(1)> for details.
287 =item B<-dkeyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
290 See L<openssl-format-options(1)> for details.
292 =item B<-dpass> I<val>
296 see L<openssl-passphrase-options(1)>.
298 =item B<-nbio_test>
302 =item B<-crlf>
306 =item B<-debug>
310 =item B<-security_debug>
314 =item B<-security_debug_verbose>
318 =item B<-msg>
322 =item B<-msgfile> I<outfile>
324 File to send output of B<-msg> or B<-trace> to, default standard output.
326 =item B<-state>
330 =item B<-CRL> I<infile>
334 =item B<-CRLform> B<DER>|B<PEM>
337 See L<openssl-format-options(1)> for details.
339 =item B<-crl_download>
343 =item B<-verifyCAfile> I<filename>
348 =item B<-verifyCApath> I<dir>
353 see L<openssl-verify(1)> for more information.
355 =item B<-verifyCAstore> I<uri>
360 =item B<-chainCAfile> I<file>
365 =item B<-chainCApath> I<dir>
370 see L<openssl-verify(1)> for more information.
372 =item B<-chainCAstore> I<uri>
377 With URIs in the C<file:> scheme, this acts as B<-chainCAfile> or
378 B<-chainCApath>, depending on if the URI indicates a directory or a
380 See L<ossl_store-file(7)> for more information on the C<file:> scheme.
382 =item B<-nocert>
388 =item B<-quiet>
392 =item B<-no_resume_ephemeral>
396 =item B<-tlsextdebug>
400 =item B<-www>
407 The B<-early_data> option cannot be used with this option.
409 =item B<-WWW>, B<-HTTP>
414 If the B<-HTTP> flag is used, the files are sent directly, and should contain
416 If the B<-WWW> option is used,
418 examined to determine the B<Content-Type> header.
422 information like the B<-www> option.
423 Neither of these options can be used in conjunction with B<-early_data>.
425 =item B<-http_server_binmode>
427 When acting as web-server (using option B<-WWW> or B<-HTTP>) open files requested
430 =item B<-no_ca_names>
436 =item B<-ignore_unexpected_eof>
445 =item B<-servername>
449 =item B<-servername_fatal>
453 =item B<-id_prefix> I<val>
460 =item B<-keymatexport>
464 =item B<-keymatexportlen>
468 =item B<-no_cache>
472 =item B<-ext_cache>.
476 =item B<-verify_return_error>
482 =item B<-verify_quiet>
486 =item B<-ign_eof>
488 Ignore input EOF (default: when B<-quiet>).
490 =item B<-no_ign_eof>
494 =item B<-no_etm>
496 Disable Encrypt-then-MAC negotiation.
498 =item B<-status>
502 =item B<-status_verbose>
507 =item B<-status_timeout> I<int>
511 =item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>
513 The HTTP(S) proxy server to use for reaching the OCSP server unless B<-no_proxy>
522 =item B<-no_proxy> I<addresses>
529 =item B<-status_url> I<val>
537 =item B<-status_file> I<infile>
542 =item B<-ssl_config> I<val>
546 =item B<-trace>
550 =item B<-brief>
555 =item B<-rev>
557 Simple echo server that sends back received text reversed. Also sets B<-brief>.
558 Cannot be used in conjunction with B<-early_data>.
560 =item B<-async>
563 asynchronously. This will only have an effect if an asynchronous capable engine
564 is also used via the B<-engine> option. For test purposes the dummy async engine
567 =item B<-max_send_frag> I<+int>
572 =item B<-split_send_frag> I<+int>
581 =item B<-max_pipelines> I<+int>
588 =item B<-naccept> I<+int>
593 =item B<-read_buf> I<+int>
600 =item B<-bugs>
605 =item B<-no_comp>
611 =item B<-comp>
618 =item B<-no_ticket>
621 is negotiated. See B<-num_tickets>.
623 =item B<-num_tickets>
629 =item B<-serverpref>
633 =item B<-prioritize_chacha>
635 Prioritize ChaCha ciphers when preferred by clients. Requires B<-serverpref>.
637 =item B<-no_resumption_on_reneg>
641 =item B<-client_sigalgs> I<val>
644 (colon-separated list).
646 =item B<-named_curve> I<val>
651 and X448 or FFDHE groups, and may also include groups implemented in 3rd-party
654 $ openssl ecparam -list_curves
656 =item B<-cipher> I<val>
663 L<openssl-ciphers(1)> for more information.
665 =item B<-ciphersuites> I<val>
672 L<openssl-ciphers(1)> command for more information. The format for this list is
675 =item B<-dhparam> I<infile>
683 =item B<-nbio>
687 =item B<-timeout>
691 =item B<-mtu>
693 Set link-layer MTU.
695 =item B<-psk_identity> I<val>
701 =item B<-psk_hint> I<val>
705 =item B<-psk> I<val>
708 given as a hexadecimal number without leading 0x, for example -psk
712 =item B<-psk_session> I<file>
717 =item B<-srpvfile>
719 The verifier file for SRP.
722 =item B<-srpuserseed>
727 =item B<-listen>
738 =item B<-sctp>
741 conjunction with B<-dtls>, B<-dtls1> or B<-dtls1_2>. This option is only
744 =item B<-sctp_label_bug>
747 endpoint-pair shared secrets for DTLS/SCTP. This allows communication with
749 implementations. Must be used in conjunction with B<-sctp>. This option is only
752 =item B<-use_srtp>
754 Offer SRTP key management with a colon-separated profile list.
756 =item B<-no_dhe>
761 =item B<-alpn> I<val>, B<-nextprotoneg> I<val>
763 These flags enable the Application-Layer Protocol Negotiation
766 The I<val> list is a comma-separated list of supported protocol
770 The flag B<-nextprotoneg> cannot be specified if B<-tls1_3> is used.
772 =item B<-sendfile>
776 This option is only valid if B<-WWW> or B<-HTTP> is specified.
778 =item B<-keylogfile> I<outfile>
783 =item B<-max_early_data> I<int>
786 and any incoming early data (when used in conjunction with the B<-early_data>
790 =item B<-recv_max_early_data> I<int>
795 =item B<-early_data>
797 Accept early data where possible. Cannot be used in conjunction with B<-www>,
798 B<-WWW>, B<-HTTP> or B<-rev>.
800 =item B<-stateless>
804 =item B<-anti_replay>, B<-no_anti_replay>
813 {- $OpenSSL::safe::opt_name_item -}
815 {- $OpenSSL::safe::opt_version_item -}
817 {- $OpenSSL::safe::opt_s_item -}
819 {- $OpenSSL::safe::opt_x_item -}
821 {- $OpenSSL::safe::opt_trust_item -}
823 {- $OpenSSL::safe::opt_r_item -}
825 {- $OpenSSL::safe::opt_engine_item -}
827 {- $OpenSSL::safe::opt_provider_item -}
829 {- $OpenSSL::safe::opt_v_item -}
833 proceed unless the B<-verify_return_error> option is used.
840 B<-www> nor the B<-WWW> option has been used then normally any data received
894 openssl s_server -accept 443 -www
902 The session parameters can printed out using the L<openssl-sess_id(1)> command.
920 L<openssl-sess_id(1)>,
921 L<openssl-s_client(1)>,
922 L<openssl-ciphers(1)>,
927 L<ossl_store-file(7)>
931 The -no_alt_chains option was added in OpenSSL 1.1.0.
934 -allow-no-dhe-kex and -prioritize_chacha options were added in OpenSSL 1.1.1.
936 The B<-srpvfile>, B<-srpuserseed>, and B<-engine>
941 Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.