Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (976)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3311)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2660)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "s_client" Command Options
What can I use OpenSSL "s_client" command for? What are options supported by the "s_client" command?
✍: FYIcenter.com
OpenSSL "s_client" command
implements a generic SSL/TLS client which can establish a transparent connection
to a remote server speaking SSL/TLS. It's intended for testing purposes only
and provides only rudimentary interface functionality but internally uses mostly
all functionality of the OpenSSL ssl library.
Here are options supported by the "s_client" command:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> s_client -h unknown option -h usage: s_client args -host host - use -connect instead -port port - use -connect instead -connect host:port - who to connect to (default is localhost:4433) -verify depth - turn on peer certificate verification -cert arg - certificate file to use, PEM format assumed -certform arg - certificate format (PEM or DER) PEM default -key arg - Private key file to use, in cert file if not specified but cert file is. -keyform arg - key format (PEM or DER) PEM default -pass arg - private key file pass phrase source -CApath arg - PEM format directory of CA's -CAfile arg - PEM format file of CA's -reconnect - Drop and re-make the connection with the same Session-ID -pause - sleep(1) after each read(2) and write(2) system call -showcerts - show all certificates in the chain -debug - extra output -msg - Show protocol messages -nbio_test - more ssl protocol testing -state - print the 'ssl' states -nbio - Run with non-blocking IO -crlf - convert LF from terminal into CRLF -quiet - no s_client output -ign_eof - ignore input eof (default when -quiet) -ssl2 - just use SSLv2 -ssl3 - just use SSLv3 -tls1 - just use TLSv1 -dtls1 - just use DTLSv1 -mtu - set the MTU -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol -bugs - Switch on all SSL implementation bug workarounds -serverpref - Use server's cipher preferences (only SSLv2) -cipher - preferred cipher to use, use the 'openssl ciphers' command to see what is available -starttls prot - use the STARTTLS command before starting TLS for those protocols that support it, where 'prot' defines which one to assume. Currently, only "smtp", "pop3", "imap", and "ftp" are supported. -engine id - Initialise and use the specified engine -rand file;file;... -sess_out arg - file to write SSL session to -sess_in arg - file to read SSL session from error in s_client
2012-07-23, 18460👍, 0💬
Popular Posts:
How to create a self-signed root certificate using "makecert.exe"? I want to issue and sign certific...
How to list all commands in OpenSSL? I don't remember exactly what is the command to generate a CSR....
Certificate Summary: Subject: Symantec Class 3 Secure Server CA - G4 Issuer: VeriSign Class 3 Public...
How to see the signing chain of a server certificate in IE? I want to know the root CA who signs the...
Certificate summary - Owner: www.paypal.com, Hosting Support, "PayPal, Inc.", STREET=2211 N 1st St, ...