]>
Commit | Line | Data |
---|---|---|
84ee7bcf BP |
1 | .IP "\fB\-p\fR \fIprivkey.pem\fR" |
2 | .IQ "\fB\-\-private\-key=\fIprivkey.pem\fR" | |
3 | Specifies a PEM file containing the private key used as \fB\*(PN\fR's | |
4 | identity for outgoing SSL connections. | |
a9b4a41a | 5 | . |
84ee7bcf BP |
6 | .IP "\fB\-c\fR \fIcert.pem\fR" |
7 | .IQ "\fB\-\-certificate=\fIcert.pem\fR" | |
8 | Specifies a PEM file containing a certificate that certifies the | |
9 | private key specified on \fB\-p\fR or \fB\-\-private\-key\fR to be | |
10 | trustworthy. The certificate must be signed by the certificate | |
11 | authority (CA) that the peer in SSL connections will use to verify it. | |
a9b4a41a | 12 | . |
1af5bea7 BP |
13 | .IP "\fB\-C\fR \fIcacert.pem\fR" |
14 | .IQ "\fB\-\-ca\-cert=\fIcacert.pem\fR" | |
84ee7bcf BP |
15 | Specifies a PEM file containing the CA certificate that \fB\*(PN\fR |
16 | should use to verify certificates presented to it by SSL peers. (This | |
17 | may be the same certificate that SSL peers use to verify the | |
18 | certificate specified on \fB\-c\fR or \fB\-\-certificate\fR, or it may | |
1af5bea7 | 19 | be a different one, depending on the PKI design in use.) |
ba104a1e BP |
20 | . |
21 | .IP "\fB\-C none\fR" | |
22 | .IQ "\fB\-\-ca\-cert=none\fR" | |
23 | Disables verification of certificates presented by SSL peers. This | |
24 | introduces a security risk, because it means that certificates cannot | |
25 | be verified to be those of known trusted hosts. |