version 1.148, 2023/06/08 09:40:17 |
version 1.149, 2023/07/03 06:22:07 |
|
|
.Sh CIPHERS |
.Sh CIPHERS |
.Nm openssl ciphers |
.Nm openssl ciphers |
.Op Fl hsVv |
.Op Fl hsVv |
.Op Fl tls1 |
|
.Op Fl tls1_1 |
|
.Op Fl tls1_2 |
.Op Fl tls1_2 |
.Op Fl tls1_3 |
.Op Fl tls1_3 |
.Op Ar control |
.Op Ar control |
|
|
Print a brief usage message. |
Print a brief usage message. |
.It Fl s |
.It Fl s |
Only list ciphers that are supported by the TLS method. |
Only list ciphers that are supported by the TLS method. |
.It Fl tls1 | tls1_1 | tls1_2 | tls1_3 |
.It Fl tls1_2 | tls1_3 |
In combination with the |
In combination with the |
.Fl s |
.Fl s |
option, list the ciphers which could be used |
option, list the ciphers which could be used |
|
|
.Op Fl crlf |
.Op Fl crlf |
.Op Fl debug |
.Op Fl debug |
.Op Fl dtls |
.Op Fl dtls |
.Op Fl dtls1 |
|
.Op Fl dtls1_2 |
.Op Fl dtls1_2 |
.Op Fl extended_crl |
.Op Fl extended_crl |
.Op Fl groups Ar list |
.Op Fl groups Ar list |
|
|
.Op Fl no_ign_eof |
.Op Fl no_ign_eof |
.Op Fl no_legacy_server_connect |
.Op Fl no_legacy_server_connect |
.Op Fl no_ticket |
.Op Fl no_ticket |
.Op Fl no_tls1 |
|
.Op Fl no_tls1_1 |
|
.Op Fl no_tls1_2 |
.Op Fl no_tls1_2 |
.Op Fl no_tls1_3 |
.Op Fl no_tls1_3 |
.Op Fl pass Ar arg |
.Op Fl pass Ar arg |
|
|
.Op Fl state |
.Op Fl state |
.Op Fl status |
.Op Fl status |
.Op Fl timeout |
.Op Fl timeout |
.Op Fl tls1 |
|
.Op Fl tls1_1 |
|
.Op Fl tls1_2 |
.Op Fl tls1_2 |
.Op Fl tls1_3 |
.Op Fl tls1_3 |
.Op Fl tlsextdebug |
.Op Fl tlsextdebug |
|
|
Print extensive debugging information, including a hex dump of all traffic. |
Print extensive debugging information, including a hex dump of all traffic. |
.It Fl dtls |
.It Fl dtls |
Permit any version of DTLS. |
Permit any version of DTLS. |
.It Fl dtls1 |
|
Permit only DTLS1.0. |
|
.It Fl dtls1_2 |
.It Fl dtls1_2 |
Permit only DTLS1.2. |
Permit only DTLS1.2. |
.It Fl groups Ar list |
.It Fl groups Ar list |
|
|
.Fl ign_eof |
.Fl ign_eof |
after |
after |
.Fl quiet . |
.Fl quiet . |
.It Fl no_tls1 | no_tls1_1 | no_tls1_2 | no_tls1_3 |
.It Fl no_tls1_2 | no_tls1_3 |
Disable the use of TLS1.0, 1.1, 1.2 and 1.3 respectively. |
Disable the use of TLS1.2 and 1.3 respectively. |
.It Fl no_ticket |
.It Fl no_ticket |
Disable RFC 4507 session ticket support. |
Disable RFC 4507 session ticket support. |
.It Fl pass Ar arg |
.It Fl pass Ar arg |
|
|
The server response (if any) is printed out. |
The server response (if any) is printed out. |
.It Fl timeout |
.It Fl timeout |
Enable send/receive timeout on DTLS connections. |
Enable send/receive timeout on DTLS connections. |
.It Fl tls1 | tls1_1 | tls1_2 | tls1_3 |
.It Fl tls1_2 | tls1_3 |
Permit only TLS1.0, 1.1, 1.2 or 1.3 respectively. |
Permit only TLS1.2 or 1.3 respectively. |
.It Fl tlsextdebug |
.It Fl tlsextdebug |
Print a hex dump of any TLS extensions received from the server. |
Print a hex dump of any TLS extensions received from the server. |
.It Fl use_srtp Ar profiles |
.It Fl use_srtp Ar profiles |
|
|
.Op Fl no_dhe |
.Op Fl no_dhe |
.Op Fl no_ecdhe |
.Op Fl no_ecdhe |
.Op Fl no_ticket |
.Op Fl no_ticket |
.Op Fl no_tls1 |
|
.Op Fl no_tls1_1 |
|
.Op Fl no_tls1_2 |
.Op Fl no_tls1_2 |
.Op Fl no_tls1_3 |
.Op Fl no_tls1_3 |
.Op Fl no_tmp_rsa |
.Op Fl no_tmp_rsa |
|
|
.Op Fl status_url Ar url |
.Op Fl status_url Ar url |
.Op Fl status_verbose |
.Op Fl status_verbose |
.Op Fl timeout |
.Op Fl timeout |
.Op Fl tls1 |
|
.Op Fl tls1_1 |
|
.Op Fl tls1_2 |
.Op Fl tls1_2 |
.Op Fl tls1_3 |
.Op Fl tls1_3 |
.Op Fl tlsextdebug |
.Op Fl tlsextdebug |
|
|
program will be used. |
program will be used. |
.It Fl dtls |
.It Fl dtls |
Permit any version of DTLS. |
Permit any version of DTLS. |
.It Fl dtls1 |
|
Permit only DTLS1.0. |
|
.It Fl dtls1_2 |
.It Fl dtls1_2 |
Permit only DTLS1.2. |
Permit only DTLS1.2. |
.It Fl groups Ar list |
.It Fl groups Ar list |
|
|
Disable ephemeral ECDH cipher suites. |
Disable ephemeral ECDH cipher suites. |
.It Fl no_ticket |
.It Fl no_ticket |
Disable RFC 4507 session ticket support. |
Disable RFC 4507 session ticket support. |
.It Fl no_tls1 | no_tls1_1 | no_tls1_2 | no_tls1_3 |
.It Fl no_tls1_2 | no_tls1_3 |
Disable the use of TLS1.0, 1.1, 1.2, and 1.3, respectively. |
Disable the use of TLS1.2, and 1.3, respectively. |
.It Fl no_tmp_rsa |
.It Fl no_tmp_rsa |
Disable temporary RSA key generation. |
Disable temporary RSA key generation. |
.It Fl nocert |
.It Fl nocert |
|
|
printout of the OCSP response. |
printout of the OCSP response. |
.It Fl timeout |
.It Fl timeout |
Enable send/receive timeout on DTLS connections. |
Enable send/receive timeout on DTLS connections. |
.It Fl tls1 | tls1_1 | tls1_2 | tls1_3 |
.It Fl tls1_2 | tls1_3 |
Permit only TLS1.0, 1.1, 1.2, or 1.3, respectively. |
Permit only TLS1.2, or 1.3, respectively. |
.It Fl tlsextdebug |
.It Fl tlsextdebug |
Print a hex dump of any TLS extensions received from the server. |
Print a hex dump of any TLS extensions received from the server. |
.It Fl use_srtp Ar profiles |
.It Fl use_srtp Ar profiles |