]>
Commit | Line | Data |
---|---|---|
2da0385d JP |
1 | .de IQ |
2 | . br | |
3 | . ns | |
4 | . IP "\\$1" | |
5 | .. | |
84ee7bcf BP |
6 | .IP "\fB\-p\fR \fIprivkey.pem\fR" |
7 | .IQ "\fB\-\-private\-key=\fIprivkey.pem\fR" | |
8 | Specifies a PEM file containing the private key used as \fB\*(PN\fR's | |
9 | identity for outgoing SSL connections. | |
a9b4a41a | 10 | . |
84ee7bcf BP |
11 | .IP "\fB\-c\fR \fIcert.pem\fR" |
12 | .IQ "\fB\-\-certificate=\fIcert.pem\fR" | |
13 | Specifies a PEM file containing a certificate that certifies the | |
14 | private key specified on \fB\-p\fR or \fB\-\-private\-key\fR to be | |
15 | trustworthy. The certificate must be signed by the certificate | |
16 | authority (CA) that the peer in SSL connections will use to verify it. | |
a9b4a41a | 17 | . |
1af5bea7 BP |
18 | .IP "\fB\-C\fR \fIcacert.pem\fR" |
19 | .IQ "\fB\-\-ca\-cert=\fIcacert.pem\fR" | |
84ee7bcf BP |
20 | Specifies a PEM file containing the CA certificate that \fB\*(PN\fR |
21 | should use to verify certificates presented to it by SSL peers. (This | |
22 | may be the same certificate that SSL peers use to verify the | |
23 | certificate specified on \fB\-c\fR or \fB\-\-certificate\fR, or it may | |
1af5bea7 | 24 | be a different one, depending on the PKI design in use.) |
ba104a1e BP |
25 | . |
26 | .IP "\fB\-C none\fR" | |
27 | .IQ "\fB\-\-ca\-cert=none\fR" | |
28 | Disables verification of certificates presented by SSL peers. This | |
29 | introduces a security risk, because it means that certificates cannot | |
30 | be verified to be those of known trusted hosts. |