2010-03-31 17:12:37 -07:00
|
|
|
.de IQ
|
|
|
|
. br
|
|
|
|
. ns
|
|
|
|
. IP "\\$1"
|
|
|
|
..
|
2009-12-21 13:10:55 -08:00
|
|
|
.IP "\fB\-p\fR \fIprivkey.pem\fR"
|
|
|
|
.IQ "\fB\-\-private\-key=\fIprivkey.pem\fR"
|
|
|
|
Specifies a PEM file containing the private key used as \fB\*(PN\fR's
|
|
|
|
identity for outgoing SSL connections.
|
2010-02-24 13:42:43 -08:00
|
|
|
.
|
2009-12-21 13:10:55 -08:00
|
|
|
.IP "\fB\-c\fR \fIcert.pem\fR"
|
|
|
|
.IQ "\fB\-\-certificate=\fIcert.pem\fR"
|
|
|
|
Specifies a PEM file containing a certificate that certifies the
|
|
|
|
private key specified on \fB\-p\fR or \fB\-\-private\-key\fR to be
|
|
|
|
trustworthy. The certificate must be signed by the certificate
|
|
|
|
authority (CA) that the peer in SSL connections will use to verify it.
|
2010-02-24 13:42:43 -08:00
|
|
|
.
|
2010-03-18 17:12:27 -07:00
|
|
|
.IP "\fB\-C\fR \fIcacert.pem\fR"
|
|
|
|
.IQ "\fB\-\-ca\-cert=\fIcacert.pem\fR"
|
2009-12-21 13:10:55 -08:00
|
|
|
Specifies a PEM file containing the CA certificate that \fB\*(PN\fR
|
|
|
|
should use to verify certificates presented to it by SSL peers. (This
|
|
|
|
may be the same certificate that SSL peers use to verify the
|
|
|
|
certificate specified on \fB\-c\fR or \fB\-\-certificate\fR, or it may
|
2010-03-18 17:12:27 -07:00
|
|
|
be a different one, depending on the PKI design in use.)
|
2010-03-23 17:19:36 -07:00
|
|
|
.
|
|
|
|
.IP "\fB\-C none\fR"
|
|
|
|
.IQ "\fB\-\-ca\-cert=none\fR"
|
|
|
|
Disables verification of certificates presented by SSL peers. This
|
|
|
|
introduces a security risk, because it means that certificates cannot
|
|
|
|
be verified to be those of known trusted hosts.
|