Collections:
Other Resources:
OpenSSL "s_client" Command Options
What can I use OpenSSL "s_client" command for? What are options supported by the "s_client" command?
✍: FYIcenter.com
OpenSSL "s_client" command implements a generic SSL/TLS client which can establish a transparent connection to a remote server speaking SSL/TLS. It's intended for testing purposes only and provides only rudimentary interface functionality but internally uses mostly all functionality of the OpenSSL ssl library.
Here are options supported by the "s_client" command:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> s_client -h unknown option -h usage: s_client args -host host - use -connect instead -port port - use -connect instead -connect host:port - who to connect to (default is localhost:4433) -verify depth - turn on peer certificate verification -cert arg - certificate file to use, PEM format assumed -certform arg - certificate format (PEM or DER) PEM default -key arg - Private key file to use, in cert file if not specified but cert file is. -keyform arg - key format (PEM or DER) PEM default -pass arg - private key file pass phrase source -CApath arg - PEM format directory of CA's -CAfile arg - PEM format file of CA's -reconnect - Drop and re-make the connection with the same Session-ID -pause - sleep(1) after each read(2) and write(2) system call -showcerts - show all certificates in the chain -debug - extra output -msg - Show protocol messages -nbio_test - more ssl protocol testing -state - print the 'ssl' states -nbio - Run with non-blocking IO -crlf - convert LF from terminal into CRLF -quiet - no s_client output -ign_eof - ignore input eof (default when -quiet) -ssl2 - just use SSLv2 -ssl3 - just use SSLv3 -tls1 - just use TLSv1 -dtls1 - just use DTLSv1 -mtu - set the MTU -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol -bugs - Switch on all SSL implementation bug workarounds -serverpref - Use server's cipher preferences (only SSLv2) -cipher - preferred cipher to use, use the 'openssl ciphers' command to see what is available -starttls prot - use the STARTTLS command before starting TLS for those protocols that support it, where 'prot' defines which one to assume. Currently, only "smtp", "pop3", "imap", and "ftp" are supported. -engine id - Initialise and use the specified engine -rand file;file;... -sess_out arg - file to write SSL session to -sess_in arg - file to read SSL session from error in s_client
2012-07-23, 20611🔥, 0💬
Popular Posts:
Certificate Summary: Subject: AME INFRA CA 01 Issuer: ameroot Expiration: 2025-09-15 03:15:08 UTC Ke...
Certificate summary - Owner: support3.cdnetworks.net, CDNetworks Inc., L=San Jose, ST=California, US...
Certificate Summary: Subject: *.xvideos.com Issuer: RapidSSL RSA CA 2018 Expiration: 2021-04-11 12:0...
Certificate summary - Owner: *.iqiyi.com, Terms of use at www.verisign.com/rpa (c)05, Cloud Platform...
Certificate summary - Owner: www.earthlink.net, InstantSSL, Issued through EarthLink Inc. E-PKI Mana...