version 1.66, 2016/09/01 08:26:44 |
version 1.67, 2016/09/02 18:43:52 |
|
|
.Fl connect |
.Fl connect |
will be used. |
will be used. |
.El |
.El |
.\" |
|
.\" S_SERVER |
|
.\" |
|
.Sh S_SERVER |
.Sh S_SERVER |
.nr nS 1 |
.nr nS 1 |
.Nm "openssl s_server" |
.Nm "openssl s_server" |
.Bk -words |
|
.Op Fl accept Ar port |
.Op Fl accept Ar port |
.Op Fl bugs |
.Op Fl bugs |
.Op Fl CAfile Ar file |
.Op Fl CAfile Ar file |
|
|
.Op Fl verify Ar depth |
.Op Fl verify Ar depth |
.Op Fl WWW |
.Op Fl WWW |
.Op Fl www |
.Op Fl www |
.Ek |
|
.nr nS 0 |
.nr nS 0 |
.Pp |
.Pp |
The |
The |
|
|
command implements a generic SSL/TLS server which listens |
command implements a generic SSL/TLS server which listens |
for connections on a given port using SSL/TLS. |
for connections on a given port using SSL/TLS. |
.Pp |
.Pp |
|
If a connection request is established with a client and neither the |
|
.Fl www |
|
nor the |
|
.Fl WWW |
|
option has been used, then any data received |
|
from the client is displayed and any key presses are sent to the client. |
|
Certain single letter commands perform special operations: |
|
.Pp |
|
.Bl -tag -width "XXXX" -compact |
|
.It Ic P |
|
Send plain text, which should cause the client to disconnect. |
|
.It Ic Q |
|
End the current SSL connection and exit. |
|
.It Ic q |
|
End the current SSL connection, but still accept new connections. |
|
.It Ic R |
|
Renegotiate the SSL session and request a client certificate. |
|
.It Ic r |
|
Renegotiate the SSL session. |
|
.It Ic S |
|
Print out some session cache status information. |
|
.El |
|
.Pp |
The options are as follows: |
The options are as follows: |
.Bl -tag -width Ds |
.Bl -tag -width Ds |
.It Fl accept Ar port |
.It Fl accept Ar port |
The TCP |
Listen on TCP |
.Ar port |
.Ar port |
to listen on for connections. |
for connections. |
If not specified, 4433 is used. |
The default is port 4433. |
.It Fl bugs |
.It Fl bugs |
There are several known bugs in SSL and TLS implementations. |
Enable various workarounds for buggy implementations. |
Adding this option enables various workarounds. |
|
.It Fl CAfile Ar file |
.It Fl CAfile Ar file |
A file containing trusted certificates to use during client authentication |
A |
|
.Ar file |
|
containing trusted certificates to use during client authentication |
and to use when attempting to build the server certificate chain. |
and to use when attempting to build the server certificate chain. |
The list is also used in the list of acceptable client CAs passed to the |
The list is also used in the list of acceptable client CAs passed to the |
client when a certificate is requested. |
client when a certificate is requested. |
|
|
for more information. |
for more information. |
These are also used when building the server certificate chain. |
These are also used when building the server certificate chain. |
.It Fl cert Ar file |
.It Fl cert Ar file |
The certificate to use; most server's cipher suites require the use of a |
The certificate to use: most server's cipher suites require the use of a |
certificate and some require a certificate with a certain public key type: |
certificate and some require a certificate with a certain public key type. |
for example the DSS cipher suites require a certificate containing a DSS |
For example, the DSS cipher suites require a certificate containing a DSS |
.Pq DSA |
(DSA) key. |
key. |
|
If not specified, the file |
If not specified, the file |
.Pa server.pem |
.Pa server.pem |
will be used. |
will be used. |
.It Fl cipher Ar cipherlist |
.It Fl cipher Ar cipherlist |
|
Modify the cipher list used by the server. |
This allows the cipher list used by the server to be modified. |
This allows the cipher list used by the server to be modified. |
When the client sends a list of supported ciphers, the first client cipher |
When the client sends a list of supported ciphers, the first client cipher |
also included in the server list is used. |
also included in the server list is used. |
Because the client specifies the preference order, the order of the server |
Because the client specifies the preference order, the order of the server |
cipherlist is irrelevant. |
cipherlist is irrelevant. |
See the |
See the |
.Sx CIPHERS |
.Nm ciphers |
section for more information. |
command for more information. |
.It Fl context Ar id |
.It Fl context Ar id |
Sets the SSL context ID. |
Set the SSL context ID. |
It can be given any string value. |
It can be given any string value. |
If this option is not present, a default value will be used. |
|
.It Fl crl_check , crl_check_all |
.It Fl crl_check , crl_check_all |
Check the peer certificate has not been revoked by its CA. |
Check the peer certificate has not been revoked by its CA. |
The CRLs are appended to the certificate file. |
The CRLs are appended to the certificate file. |
With the |
|
.Fl crl_check_all |
.Fl crl_check_all |
option, all CRLs of all CAs in the chain are checked. |
checks all CRLs of all CAs in the chain. |
.It Fl crlf |
.It Fl crlf |
This option translates a line feed from the terminal into CR+LF. |
Translate a line feed from the terminal into CR+LF. |
.It Fl dcert Ar file , Fl dkey Ar file |
.It Fl dcert Ar file , Fl dkey Ar file |
Specify an additional certificate and private key; these behave in the |
Specify an additional certificate and private key; these behave in the |
same manner as the |
same manner as the |
|
|
and |
and |
.Fl key |
.Fl key |
options except there is no default if they are not specified |
options except there is no default if they are not specified |
.Pq no additional certificate or key is used . |
(no additional certificate or key is used). |
As noted above some cipher suites require a certificate containing a key of |
|
a certain type. |
|
Some cipher suites need a certificate carrying an RSA key |
|
and some a DSS |
|
.Pq DSA |
|
key. |
|
By using RSA and DSS certificates and keys, |
By using RSA and DSS certificates and keys, |
a server can support clients which only support RSA or DSS cipher suites |
a server can support clients which only support RSA or DSS cipher suites |
by using an appropriate certificate. |
by using an appropriate certificate. |
.It Fl debug |
.It Fl debug |
Print extensive debugging information including a hex dump of all traffic. |
Print extensive debugging information, including a hex dump of all traffic. |
.It Fl dhparam Ar file |
.It Fl dhparam Ar file |
The DH parameter file to use. |
The DH parameter file to use. |
The ephemeral DH cipher suites generate keys |
The ephemeral DH cipher suites generate keys |
|
|
.Nm s_server |
.Nm s_server |
program will be used. |
program will be used. |
.It Fl hack |
.It Fl hack |
This option enables a further workaround for some early Netscape |
Enables a further workaround for some early Netscape SSL code. |
SSL code |
|
.Pq \&? . |
|
.It Fl HTTP |
.It Fl HTTP |
Emulates a simple web server. |
Emulate a simple web server. |
Pages will be resolved relative to the current directory; |
Pages are resolved relative to the current directory. |
for example if the URL |
For example if the URL |
.Pa https://myhost/page.html |
.Pa https://myhost/page.html |
is requested, the file |
is requested, the file |
.Pa ./page.html |
.Pa ./page.html |
|
|
Generate SSL/TLS session IDs prefixed by |
Generate SSL/TLS session IDs prefixed by |
.Ar arg . |
.Ar arg . |
This is mostly useful for testing any SSL/TLS code |
This is mostly useful for testing any SSL/TLS code |
.Pq e.g. proxies |
(e.g. proxies) |
that wish to deal with multiple servers, when each of which might be |
that wish to deal with multiple servers, when each of which might be |
generating a unique range of session IDs |
generating a unique range of session IDs |
.Pq e.g. with a certain prefix . |
(e.g. with a certain prefix). |
.It Fl key Ar keyfile |
.It Fl key Ar keyfile |
The private key to use. |
The private key to use. |
If not specified, the certificate file will be used. |
If not specified, the certificate file will be used. |
.It Fl msg |
.It Fl msg |
Show all protocol messages with hex dump. |
Show all protocol messages with hex dump. |
.It Fl nbio |
.It Fl nbio |
Turns on non-blocking I/O. |
Turn on non-blocking I/O. |
.It Fl nbio_test |
.It Fl nbio_test |
Tests non-blocking I/O. |
Test non-blocking I/O. |
.It Fl no_dhe |
.It Fl no_dhe |
If this option is set, no DH parameters will be loaded, effectively |
Disable ephemeral DH cipher suites. |
disabling the ephemeral DH cipher suites. |
|
.It Fl no_tls1 | no_tls1_1 | no_tls1_2 |
.It Fl no_tls1 | no_tls1_1 | no_tls1_2 |
By default, the initial handshake uses a method which should be compatible |
Disable the use of TLS1.0, 1.1, and 1.2, respectively. |
with clients supporting any version of TLS. |
|
These options disable the use of TLS1.0, 1.1, and 1.2, respectively. |
|
.It Fl no_tmp_rsa |
.It Fl no_tmp_rsa |
Certain export cipher suites sometimes use a temporary RSA key; this option |
Disable temporary RSA key generation. |
disables temporary RSA key generation. |
|
.It Fl nocert |
.It Fl nocert |
If this option is set, no certificate is used. |
Do not use a certificate. |
This restricts the cipher suites available to the anonymous ones |
This restricts the cipher suites available to the anonymous ones |
.Pq currently just anonymous DH . |
(currently just anonymous DH). |
.It Fl psk Ar key |
.It Fl psk Ar key |
Use the PSK key |
Use the PSK key |
.Ar key |
.Ar key |
|
|
.It Fl serverpref |
.It Fl serverpref |
Use server's cipher preferences. |
Use server's cipher preferences. |
.It Fl state |
.It Fl state |
Prints out the SSL session states. |
Print the SSL session states. |
.It Fl tls1 | tls1_1 | tls1_2 |
.It Fl tls1 | tls1_1 | tls1_2 |
Permit only TLS1.0, 1.1, or 1.2, respectively. |
Permit only TLS1.0, 1.1, or 1.2, respectively. |
.It Fl WWW |
.It Fl WWW |
Emulates a simple web server. |
Emulate a simple web server. |
Pages will be resolved relative to the current directory; |
Pages are resolved relative to the current directory. |
for example if the URL |
For example if the URL |
.Pa https://myhost/page.html |
.Pa https://myhost/page.html |
is requested, the file |
is requested, the file |
.Pa ./page.html |
.Pa ./page.html |
will be loaded. |
will be loaded. |
.It Fl www |
.It Fl www |
Sends a status message back to the client when it connects. |
Send a status message to the client when it connects, |
This includes lots of information about the ciphers used and various |
including information about the ciphers used and various session parameters. |
session parameters. |
|
The output is in HTML format so this option will normally be used with a |
The output is in HTML format so this option will normally be used with a |
web browser. |
web browser. |
.It Fl Verify Ar depth , Fl verify Ar depth |
.It Fl Verify Ar depth , Fl verify Ar depth |
The verify |
Request a certificate chain from the client, |
.Ar depth |
with a maximum length of |
to use. |
.Ar depth . |
This specifies the maximum length of the client certificate chain |
With |
and makes the server request a certificate from the client. |
.Fl Verify , |
With the |
the client must supply a certificate or an error occurs; |
.Fl Verify |
with |
option, the client must supply a certificate or an error occurs. |
.Fl verify , |
With the |
a certificate is requested but the client does not have to send one. |
.Fl verify |
|
option, a certificate is requested but the client does not have to send one. |
|
.El |
.El |
.Sh S_SERVER CONNECTED COMMANDS |
|
If a connection request is established with an SSL client and neither the |
|
.Fl www |
|
nor the |
|
.Fl WWW |
|
option has been used, then normally any data received |
|
from the client is displayed and any key presses will be sent to the client. |
|
.Pp |
|
Certain single letter commands are also recognized which perform special |
|
operations: these are listed below. |
|
.Bl -tag -width "XXXX" |
|
.It Ar P |
|
Send some plain text down the underlying TCP connection: this should |
|
cause the client to disconnect due to a protocol violation. |
|
.It Ar Q |
|
End the current SSL connection and exit. |
|
.It Ar q |
|
End the current SSL connection, but still accept new connections. |
|
.It Ar R |
|
Renegotiate the SSL session and request a client certificate. |
|
.It Ar r |
|
Renegotiate the SSL session. |
|
.It Ar S |
|
Print out some session cache status information. |
|
.El |
|
.Sh S_SERVER NOTES |
|
.Nm s_server |
|
can be used to debug SSL clients. |
|
To accept connections from a web browser the command: |
|
.Pp |
|
.Dl $ openssl s_server -accept 443 -www |
|
.Pp |
|
can be used, for example. |
|
.Pp |
|
Most web browsers |
|
.Pq in particular Netscape and MSIE |
|
only support RSA cipher suites, so they cannot connect to servers |
|
which don't use a certificate carrying an RSA key or a version of |
|
.Nm OpenSSL |
|
with RSA disabled. |
|
.Pp |
|
Although specifying an empty list of CAs when requesting a client certificate |
|
is strictly speaking a protocol violation, some SSL |
|
clients interpret this to mean any CA is acceptable. |
|
This is useful for debugging purposes. |
|
.Pp |
|
The session parameters can printed out using the |
|
.Nm sess_id |
|
program. |
|
.Sh S_SERVER BUGS |
|
Because this program has a lot of options and also because some of |
|
the techniques used are rather old, the C source of |
|
.Nm s_server |
|
is rather hard to read and not a model of how things should be done. |
|
A typical SSL server program would be much simpler. |
|
.Pp |
|
The output of common ciphers is wrong: it just gives the list of ciphers that |
|
.Nm OpenSSL |
|
recognizes and the client supports. |
|
.Pp |
|
There should be a way for the |
|
.Nm s_server |
|
program to print out details of any |
|
unknown cipher suites a client says it supports. |
|
.\" |
.\" |
.\" S_TIME |
.\" S_TIME |
.\" |
.\" |