提交 29c4cf0c 编写于 作者: K Kurt Roeckx

Update ciphers -s documentation

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

MR: #1595
上级 cdc72e49
......@@ -36,9 +36,21 @@ Print a usage message.
=item B<-s>
Only list supported ciphers: those consistent with the security level. This
is the actual cipher list an application will support. If this option is
not used then ciphers excluded by the security level will still be listed.
Only list supported ciphers: those consistent with the security level, and
minimum and maximum protocol version.
This is closer to the actual cipher list an application will support.
This program does not set up support for SRP and so SRP based ciphers will
always be excluded when using this option.
PSK ciphers are not enabled by default and it requires the B<-psk> to enable
them.
It also does not change the default list of supported signature algorithms.
On a server the list of supported ciphers might also exclude other ciphers
depending on the configured certificates and presence of DH parameters.
If this option is not used then all ciphers that match the cipherlist will be
listed.
=item B<-psk>
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册