diff options
-rw-r--r-- | doc/apps/s_client.pod | 6 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 23 |
2 files changed, 29 insertions, 0 deletions
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index f4155c4064..4bccba1f2e 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -76,6 +76,7 @@ B<openssl> B<s_client> [B<-sess_in filename>] [B<-rand file(s)>] [B<-serverinfo types>] +[B<-status>] =head1 DESCRIPTION @@ -327,6 +328,11 @@ a list of comma-separated TLS Extension Types (numbers between 0 and The server's response (if any) will be encoded and displayed as a PEM file. +=item B<-status> + +sends a certificate status request to the server (OCSP stapling). The server +response (if any) is printed out. + =back =head1 CONNECTED COMMANDS diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index a8e5278230..0ba7588ac7 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -84,6 +84,10 @@ B<openssl> B<s_server> [B<-rand file(s)>] [B<-serverinfo file>] [B<-no_resumption_on_reneg>] +[B<-status>] +[B<-status_verbose>] +[B<-status_timeout nsec>] +[B<-status_url url>] =head1 DESCRIPTION The B<s_server> command implements a generic SSL/TLS server which listens @@ -364,6 +368,25 @@ ServerHello extension will be returned. set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. +=item B<-status> + +enables certificate status request support (aka OCSP stapling). + +=item B<-status_verbose> + +enables certificate status request support (aka OCSP stapling) and gives +a verbose printout of the OCSP response. + +=item B<-status_timeout nsec> + +sets the timeout for OCSP response to B<nsec> seconds. + +=item B<-status_url url> + +sets a fallback responder URL to use if no responder URL is present in the +server certificate. Without this option an error is returned if the server +certificate does not contain a responder address. + =back =head1 CONNECTED COMMANDS |