aboutsummaryrefslogtreecommitdiff
path: root/openssl/doc/apps
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/doc/apps')
-rw-r--r--openssl/doc/apps/c_rehash.pod43
-rw-r--r--openssl/doc/apps/ciphers.pod75
-rw-r--r--openssl/doc/apps/cms.pod45
-rw-r--r--openssl/doc/apps/dgst.pod11
-rw-r--r--openssl/doc/apps/genpkey.pod13
-rw-r--r--openssl/doc/apps/ocsp.pod4
-rw-r--r--openssl/doc/apps/pkcs8.pod12
-rw-r--r--openssl/doc/apps/req.pod4
-rw-r--r--openssl/doc/apps/s_client.pod22
-rw-r--r--openssl/doc/apps/s_server.pod20
-rw-r--r--openssl/doc/apps/verify.pod30
-rw-r--r--openssl/doc/apps/x509.pod10
12 files changed, 230 insertions, 59 deletions
diff --git a/openssl/doc/apps/c_rehash.pod b/openssl/doc/apps/c_rehash.pod
index c564e8631..ccce29e47 100644
--- a/openssl/doc/apps/c_rehash.pod
+++ b/openssl/doc/apps/c_rehash.pod
@@ -10,13 +10,19 @@ c_rehash - Create symbolic links to files named by the hash values
=head1 SYNOPSIS
B<c_rehash>
+B<[-old]>
+B<[-h]>
+B<[-n]>
+B<[-v]>
[ I<directory>...]
=head1 DESCRIPTION
-B<c_rehash> scans directories and calculates a hash value of each C<.pem>
+B<c_rehash> scans directories and calculates a hash value of each
+C<.pem>, C<.crt>, C<.cer>, or C<.crl>
file in the specified directory list and creates symbolic links
for each file, where the name of the link is the hash value.
+(If the platform does not support symbolic links, a copy is made.)
This utility is useful as many programs that use OpenSSL require
directories to be set up like this in order to find certificates.
@@ -34,6 +40,7 @@ is a hexadecimal character and B<D> is a single decimal digit.
When processing a directory, B<c_rehash> will first remove all links
that have a name in that syntax. If you have links in that format
used for other purposes, they will be removed.
+To skip the removal step, use the B<-n> flag.
Hashes for CRL's look similar except the letter B<r> appears after
the period, like this: C<HHHHHHHH.rD>.
@@ -42,7 +49,7 @@ incrementing the B<D> value. Duplicates are found by comparing the
full SHA-1 fingerprint. A warning will be displayed if a duplicate
is found.
-A warning will also be displayed if there are B<.pem> files that
+A warning will also be displayed if there are files that
cannot be parsed as either a certificate or a CRL.
The program uses the B<openssl> program to compute the hashes and
@@ -51,13 +58,39 @@ B<OPENSSL> environment variable to the full pathname.
Any program can be used, it will be invoked as follows for either
a certificate or CRL:
- $OPENSSL x509 -hash -fingerprint -noout -in FFFFFF
- $OPENSSL crl -hash -fingerprint -noout -in FFFFFF
+ $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+ $OPENSSL crl -hash -fingerprint -noout -in FILENAME
-where B<FFFFFF> is the filename. It must output the hash of the
+where B<FILENAME> is the filename. It must output the hash of the
file on the first line, and the fingerprint on the second,
optionally prefixed with some text and an equals sign.
+=head1 OPTIONS
+
+=over 4
+
+=item B<-old>
+
+Use old-style hashing (MD5, as opposed to SHA-1) for generating
+links for releases before 1.0.0. Note that current versions will
+not use the old style.
+
+=item B<-h>
+
+Display a brief usage message.
+
+=item B<-n>
+
+Do not remove existing links.
+This is needed when keeping new and old-style links in the same directory.
+
+=item B<-v>
+
+Print messages about old links removed and new links created.
+By default, B<c_rehash> only lists each directory as it is processed.
+
+=back
+
=head1 ENVIRONMENT
=over
diff --git a/openssl/doc/apps/ciphers.pod b/openssl/doc/apps/ciphers.pod
index 6086d0a71..4eeb55be2 100644
--- a/openssl/doc/apps/ciphers.pod
+++ b/openssl/doc/apps/ciphers.pod
@@ -175,14 +175,14 @@ cipher suites using RSA key exchange.
=item B<kDHr>, B<kDHd>, B<kDH>
cipher suites using DH key agreement and DH certificates signed by CAs with RSA
-and DSS keys or either respectively. Not implemented.
+and DSS keys or either respectively.
-=item B<kEDH>
+=item B<kDHE>, B<kEDH>
cipher suites using ephemeral DH key agreement, including anonymous cipher
suites.
-=item B<EDH>
+=item B<DHE>, B<EDH>
cipher suites using authenticated ephemeral DH key agreement.
@@ -200,12 +200,12 @@ cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH.
cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA
keys or either respectively.
-=item B<kEECDH>
+=item B<kECDHE>, B<kEECDH>
cipher suites using ephemeral ECDH key agreement, including anonymous
cipher suites.
-=item B<EECDHE>
+=item B<ECDHE>, B<EECDH>
cipher suites using authenticated ephemeral ECDH key agreement.
@@ -229,7 +229,7 @@ cipher suites using DSS authentication, i.e. the certificates carry DSS keys.
=item B<aDH>
cipher suites effectively using DH authentication, i.e. the certificates carry
-DH keys. Not implemented.
+DH keys.
=item B<aECDH>
@@ -331,6 +331,18 @@ cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
cipher suites using pre-shared keys (PSK).
+=item B<SUITEB128>, B<SUITEB128ONLY>, B<SUITEB192>
+
+enables suite B mode operation using 128 (permitting 192 bit mode by peer)
+128 bit (not permitting 192 bit by peer) or 192 bit level of security
+respectively. If used these cipherstrings should appear first in the cipher
+list and anything after them is ignored. Setting Suite B mode has additional
+consequences required to comply with RFC6460. In particular the supported
+signature algorithms is reduced to support only ECDSA and SHA256 or SHA384,
+only the elliptic curves P-256 and P-384 can be used and only the two suite B
+compliant ciphersuites (ECDHE-ECDSA-AES128-GCM-SHA256 and
+ECDHE-ECDSA-AES256-GCM-SHA384) are permissible.
+
=back
=head1 CIPHER SUITE NAMES
@@ -353,12 +365,12 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
- SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- SSL_DH_DSS_WITH_DES_CBC_SHA Not implemented.
- SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
- SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
- SSL_DH_RSA_WITH_DES_CBC_SHA Not implemented.
- SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DH-DSS-DES-CBC-SHA
+ SSL_DH_DSS_WITH_DES_CBC_SHA DH-DSS-DES-CBC-SHA
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH-DSS-DES-CBC3-SHA
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DH-RSA-DES-CBC-SHA
+ SSL_DH_RSA_WITH_DES_CBC_SHA DH-RSA-DES-CBC-SHA
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH-RSA-DES-CBC3-SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA
@@ -413,10 +425,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
- TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
@@ -431,10 +443,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA
- TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA Not implemented.
- TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA DH-DSS-CAMELLIA128-SHA
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA DH-DSS-CAMELLIA256-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA DH-RSA-CAMELLIA128-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA DH-RSA-CAMELLIA256-SHA
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA
@@ -448,8 +460,8 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA
- TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented.
- TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_SEED_CBC_SHA DH-DSS-SEED-SHA
+ TLS_DH_RSA_WITH_SEED_CBC_SHA DH-RSA-SEED-SHA
TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA
TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA
@@ -517,15 +529,15 @@ Note: these ciphers can also be used in SSL v3.
TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
- TLS_DH_RSA_WITH_AES_128_CBC_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_256_CBC_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_128_GCM_SHA256 Not implemented.
- TLS_DH_RSA_WITH_AES_256_GCM_SHA384 Not implemented.
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256 DH-RSA-AES128-SHA256
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256 DH-RSA-AES256-SHA256
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256 DH-RSA-AES128-GCM-SHA256
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384 DH-RSA-AES256-GCM-SHA384
- TLS_DH_DSS_WITH_AES_128_CBC_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_256_CBC_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_128_GCM_SHA256 Not implemented.
- TLS_DH_DSS_WITH_AES_256_GCM_SHA384 Not implemented.
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256 DH-DSS-AES128-SHA256
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256 DH-DSS-AES256-SHA256
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256 DH-DSS-AES128-GCM-SHA256
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384 DH-DSS-AES256-GCM-SHA384
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE-RSA-AES256-SHA256
@@ -581,9 +593,6 @@ Note: these ciphers can also be used in SSL v3.
=head1 NOTES
-The non-ephemeral DH modes are currently unimplemented in OpenSSL
-because there is no support for DH certificates.
-
Some compiled versions of OpenSSL may not include all the ciphers
listed here because some ciphers were excluded at compile time.
diff --git a/openssl/doc/apps/cms.pod b/openssl/doc/apps/cms.pod
index 75b698834..76dbf2ca3 100644
--- a/openssl/doc/apps/cms.pod
+++ b/openssl/doc/apps/cms.pod
@@ -57,6 +57,7 @@ B<openssl> B<cms>
[B<-secretkeyid id>]
[B<-econtent_type type>]
[B<-inkey file>]
+[B<-keyopt name:parameter>]
[B<-passin arg>]
[B<-rand file(s)>]
[B<cert.pem...>]
@@ -321,8 +322,13 @@ verification was successful.
=item B<-recip file>
-the recipients certificate when decrypting a message. This certificate
-must match one of the recipients of the message or an error occurs.
+when decrypting a message this specifies the recipients certificate. The
+certificate must match one of the recipients of the message or an error
+occurs.
+
+When encrypting a message this option may be used multiple times to specify
+each recipient. This form B<must> be used if customised parameters are
+required (for example to specify RSA-OAEP).
=item B<-keyid>
@@ -381,6 +387,13 @@ private key must be included in the certificate file specified with
the B<-recip> or B<-signer> file. When signing this option can be used
multiple times to specify successive keys.
+=item B<-keyopt name:opt>
+
+for signing and encryption this option can be used multiple times to
+set customised parameters for the preceding key or certificate. It can
+currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
+or to modify default parameters for ECDH.
+
=item B<-passin arg>
the private key password source. For more information about the format of B<arg>
@@ -508,6 +521,10 @@ The B<-compress> option.
The B<-secretkey> option when used with B<-encrypt>.
+The use of PSS with B<-sign>.
+
+The use of OAEP or non-RSA keys with B<-encrypt>.
+
Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
be processed by the older B<smime> command.
@@ -588,6 +605,21 @@ Add a signer to an existing message:
openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
+Sign mail using RSA-PSS:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem -keyopt rsa_padding_mode:pss
+
+Create encrypted mail using RSA-OAEP:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+ -recip cert.pem -keyopt rsa_padding_mode:oaep
+
+Use SHA256 KDF with an ECDH certificate:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+ -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
+
=head1 BUGS
The MIME parser isn't very clever: it seems to handle most messages that I've
@@ -613,5 +645,14 @@ No revocation checking is done on the signer's certificate.
The use of multiple B<-signer> options and the B<-resign> command were first
added in OpenSSL 1.0.0
+The B<keyopt> option was first added in OpenSSL 1.1.0
+
+The use of B<-recip> to specify the recipient when encrypting mail was first
+added to OpenSSL 1.1.0
+
+Support for RSA-OAEP and RSA-PSS was first added to OpenSSL 1.1.0.
+
+The use of non-RSA keys with B<-encrypt> and B<-decrypt> was first added
+to OpenSSL 1.1.0.
=cut
diff --git a/openssl/doc/apps/dgst.pod b/openssl/doc/apps/dgst.pod
index 2414c5337..9e15798d8 100644
--- a/openssl/doc/apps/dgst.pod
+++ b/openssl/doc/apps/dgst.pod
@@ -13,6 +13,8 @@ B<openssl> B<dgst>
[B<-hex>]
[B<-binary>]
[B<-r>]
+[B<-hmac arg>]
+[B<-non-fips-allow>]
[B<-out filename>]
[B<-sign filename>]
[B<-keyform arg>]
@@ -62,6 +64,15 @@ output the digest or signature in binary form.
output the digest in the "coreutils" format used by programs like B<sha1sum>.
+=item B<-hmac arg>
+
+set the HMAC key to "arg".
+
+=item B<-non-fips-allow>
+
+Allow use of non FIPS digest when in FIPS mode. This has no effect when not in
+FIPS mode.
+
=item B<-out filename>
filename to output to, or standard output by default.
diff --git a/openssl/doc/apps/genpkey.pod b/openssl/doc/apps/genpkey.pod
index c74d097fb..929edcd26 100644
--- a/openssl/doc/apps/genpkey.pod
+++ b/openssl/doc/apps/genpkey.pod
@@ -128,6 +128,15 @@ The number of bits in the prime parameter B<p>.
The value to use for the generator B<g>.
+=item B<dh_rfc5114:num>
+
+If this option is set then the appropriate RFC5114 parameters are used
+instead of generating new parameters. The value B<num> can take the
+values 1, 2 or 3 corresponding to RFC5114 DH parameters consisting of
+1024 bit group with 160 bit subgroup, 2048 bit group with 224 bit subgroup
+and 2048 bit group with 256 bit subgroup as mentioned in RFC5114 sections
+2.1, 2.2 and 2.3 respectively.
+
=back
=head1 EC PARAMETER GENERATION OPTIONS
@@ -206,6 +215,10 @@ Generate 1024 bit DH parameters:
openssl genpkey -genparam -algorithm DH -out dhp.pem \
-pkeyopt dh_paramgen_prime_len:1024
+Output RFC5114 2048 bit DH parameters with 224 bit subgroup:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2
+
Generate DH key from parameters:
openssl genpkey -paramfile dhp.pem -out dhkey.pem
diff --git a/openssl/doc/apps/ocsp.pod b/openssl/doc/apps/ocsp.pod
index af2e12e41..38f026afc 100644
--- a/openssl/doc/apps/ocsp.pod
+++ b/openssl/doc/apps/ocsp.pod
@@ -133,6 +133,10 @@ if the B<host> option is present then the OCSP request is sent to the host
B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
or "/" by default.
+=item B<-timeout seconds>
+
+connection timeout to the OCSP responder in seconds
+
=item B<-CAfile file>, B<-CApath pathname>
file or pathname containing trusted CA certificates. These are used to verify
diff --git a/openssl/doc/apps/pkcs8.pod b/openssl/doc/apps/pkcs8.pod
index 84abee78f..6901f1f3f 100644
--- a/openssl/doc/apps/pkcs8.pod
+++ b/openssl/doc/apps/pkcs8.pod
@@ -20,6 +20,7 @@ B<openssl> B<pkcs8>
[B<-embed>]
[B<-nsdb>]
[B<-v2 alg>]
+[B<-v2prf alg>]
[B<-v1 alg>]
[B<-engine id>]
@@ -118,6 +119,12 @@ private keys with OpenSSL then this doesn't matter.
The B<alg> argument is the encryption algorithm to use, valid values include
B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used.
+=item B<-v2prf alg>
+
+This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value
+values would be B<hmacWithSHA256>. If this option isn't set then the default
+for the cipher is used or B<hmacWithSHA1> if there is no default.
+
=item B<-v1 alg>
This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete
@@ -195,6 +202,11 @@ DES:
openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem
+Convert a private from traditional to PKCS#5 v2.0 format using AES with
+256 bits in CBC mode and B<hmacWithSHA256> PRF:
+
+ openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA256 -out enckey.pem
+
Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm
(DES):
diff --git a/openssl/doc/apps/req.pod b/openssl/doc/apps/req.pod
index 0730d117b..df68cb092 100644
--- a/openssl/doc/apps/req.pod
+++ b/openssl/doc/apps/req.pod
@@ -235,8 +235,8 @@ this option outputs a self signed certificate instead of a certificate
request. This is typically used to generate a test certificate or
a self signed root CA. The extensions added to the certificate
(if any) are specified in the configuration file. Unless specified
-using the B<set_serial> option B<0> will be used for the serial
-number.
+using the B<set_serial> option, a large random number will be used for
+the serial number.
=item B<-days n>
diff --git a/openssl/doc/apps/s_client.pod b/openssl/doc/apps/s_client.pod
index b021c730c..aad59b181 100644
--- a/openssl/doc/apps/s_client.pod
+++ b/openssl/doc/apps/s_client.pod
@@ -37,6 +37,9 @@ B<openssl> B<s_client>
[B<-no_ssl2>]
[B<-no_ssl3>]
[B<-no_tls1>]
+[B<-no_tls1_1>]
+[B<-no_tls1_2>]
+[B<-fallback_scsv>]
[B<-bugs>]
[B<-cipher cipherlist>]
[B<-serverpref>]
@@ -47,6 +50,7 @@ B<openssl> B<s_client>
[B<-sess_out filename>]
[B<-sess_in filename>]
[B<-rand file(s)>]
+[B<-serverinfo types>]
[B<-status>]
[B<-nextprotoneg protocols>]
@@ -196,16 +200,19 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
1a2b3c4d.
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
these options disable the use of certain SSL or TLS protocols. By default
the initial handshake uses a method which should be compatible with all
servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-Unfortunately there are a lot of ancient and broken servers in use which
+Unfortunately there are still ancient and broken servers in use which
cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-no_tls> option others will only
-support SSL v2 and may need the B<-ssl2> option.
+work if TLS is turned off.
+
+=item B<-fallback_scsv>
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
=item B<-bugs>
@@ -261,6 +268,13 @@ Multiple files can be specified separated by a OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-serverinfo types>
+
+a list of comma-separated TLS Extension Types (numbers between 0 and
+65535). Each type will be sent as an empty ClientHello TLS Extension.
+The server's response (if any) will be encoded and displayed as a PEM
+file.
+
=item B<-status>
sends a certificate status request to the server (OCSP stapling). The server
diff --git a/openssl/doc/apps/s_server.pod b/openssl/doc/apps/s_server.pod
index 2105b603b..b37f410fb 100644
--- a/openssl/doc/apps/s_server.pod
+++ b/openssl/doc/apps/s_server.pod
@@ -45,7 +45,6 @@ B<openssl> B<s_server>
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-no_dhe>]
-[B<-no_ecdhe>]
[B<-bugs>]
[B<-hack>]
[B<-www>]
@@ -56,6 +55,8 @@ B<openssl> B<s_server>
[B<-no_ticket>]
[B<-id_prefix arg>]
[B<-rand file(s)>]
+[B<-serverinfo file>]
+[B<-no_resumption_on_reneg>]
[B<-status>]
[B<-status_verbose>]
[B<-status_timeout nsec>]
@@ -138,11 +139,6 @@ a static set of parameters hard coded into the s_server program will be used.
if this option is set then no DH parameters will be loaded effectively
disabling the ephemeral DH cipher suites.
-=item B<-no_ecdhe>
-
-if this option is set then no ECDH parameters will be loaded effectively
-disabling the ephemeral ECDH cipher suites.
-
=item B<-no_tmp_rsa>
certain export cipher suites sometimes use a temporary RSA key, this option
@@ -295,6 +291,18 @@ Multiple files can be specified separated by a OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-serverinfo file>
+
+a file containing one or more blocks of PEM data. Each PEM block
+must encode a TLS ServerHello extension (2 bytes type, 2 bytes length,
+followed by "length" bytes of extension data). If the client sends
+an empty TLS ClientHello extension matching the type, the corresponding
+ServerHello extension will be returned.
+
+=item B<-no_resumption_on_reneg>
+
+set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag.
+
=item B<-status>
enables certificate status request support (aka OCSP stapling).
diff --git a/openssl/doc/apps/verify.pod b/openssl/doc/apps/verify.pod
index 0c8e4926c..df0153435 100644
--- a/openssl/doc/apps/verify.pod
+++ b/openssl/doc/apps/verify.pod
@@ -12,6 +12,9 @@ B<openssl> B<verify>
[B<-purpose purpose>]
[B<-policy arg>]
[B<-ignore_critical>]
+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crlfile file>]
[B<-crl_check>]
[B<-crl_check_all>]
[B<-policy_check>]
@@ -25,7 +28,6 @@ B<openssl> B<verify>
[B<-untrusted file>]
[B<-help>]
[B<-issuer_checks>]
-[B<-attime timestamp>]
[B<-verbose>]
[B<->]
[certificates]
@@ -51,6 +53,26 @@ create symbolic links to a directory of certificates.
A file of trusted certificates. The file should contain multiple certificates
in PEM format concatenated together.
+=item B<-attime timestamp>
+
+Perform validation checks using time specified by B<timestamp> and not
+current system time. B<timestamp> is the number of seconds since
+01.01.1970 (UNIX time).
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
+=item B<-crlfile file>
+
+File containing one or more CRL's (in PEM format) to load.
+
+=item B<-crl_check>
+
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs.
+
=item B<-untrusted file>
A file of untrusted certificates. The file should contain multiple certificates
@@ -80,12 +102,6 @@ rejected. The presence of rejection messages does not itself imply that
anything is wrong; during the normal verification process, several
rejections may take place.
-=item B<-attime timestamp>
-
-Perform validation checks using time specified by B<timestamp> and not
-current system time. B<timestamp> is the number of seconds since
-01.01.1970 (UNIX time).
-
=item B<-policy arg>
Enable policy processing and add B<arg> to the user-initial-policy-set (see
diff --git a/openssl/doc/apps/x509.pod b/openssl/doc/apps/x509.pod
index 6109389e0..a1326edee 100644
--- a/openssl/doc/apps/x509.pod
+++ b/openssl/doc/apps/x509.pod
@@ -51,6 +51,7 @@ B<openssl> B<x509>
[B<-CAkey filename>]
[B<-CAcreateserial>]
[B<-CAserial filename>]
+[B<-force_pubkey key>]
[B<-text>]
[B<-certopt option>]
[B<-C>]
@@ -418,6 +419,15 @@ specified then the extensions should either be contained in the unnamed
L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
extension section format.
+=item B<-force_pubkey key>
+
+when a certificate is created set its public key to B<key> instead of the
+key in the certificate or certificate request. This option is useful for
+creating certificates where the algorithm can't normally sign requests, for
+example DH.
+
+The format or B<key> can be specified using the B<-keyform> option.
+
=back
=head2 NAME OPTIONS