Loading doc/apps/ciphers.pod +26 −5 Original line number Diff line number Diff line Loading @@ -12,6 +12,10 @@ B<openssl> B<ciphers> [B<-V>] [B<-ssl3>] [B<-tls1>] [B<-tls1_1>] [B<-tls1_2>] [B<-s>] [B<-psk>] [B<-stdname>] [B<cipherlist>] Loading @@ -31,6 +35,10 @@ Only list supported ciphers: those consistent with the security level. This is the actual cipher list an application will support. If this option is not used then ciphers excluded by the security level will still be listed. =item B<-psk> When combined with B<-s> includes cipher suites which require PSK. =item B<-v> Verbose option. List ciphers with a complete description of Loading @@ -44,11 +52,19 @@ Like B<-v>, but include cipher suite codes in output (hex format). =item B<-ssl3> only include SSL v3 ciphers. List the ciphers which would be used if SSL v3 was negotiated. =item B<-tls1> only include TLS v1 ciphers. List the ciphers which would be used if TLS v1.0 was negotiated. =item B<-tls1_1> List the ciphers which would be used if TLS v1.1 was negotiated. =item B<-tls1_2> List the ciphers which would be used if TLS v1.2 was negotiated. =item B<-stdname> Loading Loading @@ -245,10 +261,15 @@ carry ECDH keys. cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA keys. =item B<TLSv1.2>, B<TLSv1>, B<SSLv3> =item B<TLSv1.2>, B<TLSv1.0>, B<SSLv3> Lists ciphersuites which are only supported in at least TLS v1.2, TLS v1.0 or SSL v3.0 respectively. Note: there are no ciphersuites specific to TLS v1.1. Since this is only the minimum version if, for example, TLS v1.0 is supported then both TLS v1.0 and SSL v3.0 ciphersuites are included. TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note: there are no ciphersuites specific to TLS v1.1. Note: these cipher strings B<do not> change the negotiated version of SSL or TLS only the list of cipher suites. =item B<AES128>, B<AES256>, B<AES> Loading Loading
doc/apps/ciphers.pod +26 −5 Original line number Diff line number Diff line Loading @@ -12,6 +12,10 @@ B<openssl> B<ciphers> [B<-V>] [B<-ssl3>] [B<-tls1>] [B<-tls1_1>] [B<-tls1_2>] [B<-s>] [B<-psk>] [B<-stdname>] [B<cipherlist>] Loading @@ -31,6 +35,10 @@ Only list supported ciphers: those consistent with the security level. This is the actual cipher list an application will support. If this option is not used then ciphers excluded by the security level will still be listed. =item B<-psk> When combined with B<-s> includes cipher suites which require PSK. =item B<-v> Verbose option. List ciphers with a complete description of Loading @@ -44,11 +52,19 @@ Like B<-v>, but include cipher suite codes in output (hex format). =item B<-ssl3> only include SSL v3 ciphers. List the ciphers which would be used if SSL v3 was negotiated. =item B<-tls1> only include TLS v1 ciphers. List the ciphers which would be used if TLS v1.0 was negotiated. =item B<-tls1_1> List the ciphers which would be used if TLS v1.1 was negotiated. =item B<-tls1_2> List the ciphers which would be used if TLS v1.2 was negotiated. =item B<-stdname> Loading Loading @@ -245,10 +261,15 @@ carry ECDH keys. cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA keys. =item B<TLSv1.2>, B<TLSv1>, B<SSLv3> =item B<TLSv1.2>, B<TLSv1.0>, B<SSLv3> Lists ciphersuites which are only supported in at least TLS v1.2, TLS v1.0 or SSL v3.0 respectively. Note: there are no ciphersuites specific to TLS v1.1. Since this is only the minimum version if, for example, TLS v1.0 is supported then both TLS v1.0 and SSL v3.0 ciphersuites are included. TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note: there are no ciphersuites specific to TLS v1.1. Note: these cipher strings B<do not> change the negotiated version of SSL or TLS only the list of cipher suites. =item B<AES128>, B<AES256>, B<AES> Loading
Matt Caswell <matt@openssl.org>Matt Caswell <matt@openssl.org>