1gnutls-cli-debug(1)              User Commands             gnutls-cli-debug(1)
2
3
4

NAME

6       gnutls-cli-debug - GnuTLS debug client
7

SYNOPSIS

9       gnutls-cli-debug [-flags] [-flag [value]] [--option-name[[=| ]value]]
10
11       Operands and options may be intermixed.  They will be reordered.
12
13

DESCRIPTION

15       TLS  debug  client. It sets up multiple TLS connections to a server and
16       queries its capabilities. It was created to assist in debugging GnuTLS,
17       but it might be useful to extract a TLS server's capabilities.  It con‐
18       nects to a TLS server, performs tests and print the server's  capabili‐
19       ties.  If called with the `-v' parameter more checks will be performed.
20       Can be used to check for servers with special needs or bugs.
21

OPTIONS

23       -d number, --debug=number
24              Enable debugging.  This option takes an integer  number  as  its
25              argument.  The value of number is constrained to being:
26                  in the range  0 through 9999
27
28              Specifies the debug level.
29
30       -V, --verbose
31              More verbose output.  This option may appear an unlimited number
32              of times.
33
34
35       -p number, --port=number
36              The port to connect to.  This option takes an integer number as
37              its argument.  The value of number is constrained to being:
38                  in the range  0 through 65536
39
40
41       --app-proto=string
42              The application protocol to be used to obtain the server's cer‐
43              tificate (https, ftp, smtp, imap).
44
45
46       -h, --help
47              Display usage information and exit.
48
49       -!, --more-help
50              Pass the extended usage information through a pager.
51
52       -v [{v|c|n --version [{v|c|n}]}]
53              Output version of program and exit.  The default mode is `v', a
54              simple version.  The `c' mode will print copyright information
55              and `n' will print the full copyright notice.
56

EXAMPLES

58           $ ../src/gnutls-cli-debug localhost
59           Resolving 'localhost'...
60           Connecting to '127.0.0.1:443'...
61           Checking for SSL 3.0 support... yes
62           Checking whether %COMPAT is required... no
63           Checking for TLS 1.0 support... yes
64           Checking for TLS 1.1 support... no
65           Checking fallback from TLS 1.1 to... TLS 1.0
66           Checking for TLS 1.2 support... no
67           Checking whether we need to disable TLS 1.0... N/A
68           Checking for Safe renegotiation support... yes
69           Checking for Safe renegotiation support (SCSV)... yes
70           Checking for HTTPS server name... not checked
71           Checking for version rollback bug in RSA PMS... no
72           Checking for version rollback bug in Client Hello... no
73           Checking whether the server ignores the RSA PMS version... no
74           Checking whether the server can accept Hello Extensions... yes
75           Checking whether the server can accept small records (512 bytes)... yes
76           Checking whether the server can accept cipher suites not in SSL 3.0 spec... yes
77           Checking whether the server can accept a bogus TLS record version in the client hello... yes
78           Checking for certificate information... N/A
79           Checking for trusted CAs... N/A
80           Checking whether the server understands TLS closure alerts... partially
81           Checking whether the server supports session resumption... yes
82           Checking for export-grade ciphersuite support... no
83           Checking RSA-export ciphersuite info... N/A
84           Checking for anonymous authentication support... no
85           Checking anonymous Diffie-Hellman group info... N/A
86           Checking for ephemeral Diffie-Hellman support... no
87           Checking ephemeral Diffie-Hellman group info... N/A
88           Checking for ephemeral EC Diffie-Hellman support... yes
89           Checking ephemeral EC Diffie-Hellman group info...
90            Curve SECP256R1
91           Checking for AES-GCM cipher support... no
92           Checking for AES-CBC cipher support... yes
93           Checking for CAMELLIA cipher support... no
94           Checking for 3DES-CBC cipher support... yes
95           Checking for ARCFOUR 128 cipher support... yes
96           Checking for ARCFOUR 40 cipher support... no
97           Checking for MD5 MAC support... yes
98           Checking for SHA1 MAC support... yes
99           Checking for SHA256 MAC support... no
100           Checking for ZLIB compression support... no
101           Checking for max record size... no
102           Checking for OpenPGP authentication support... no
103

EXIT STATUS

105       One of the following exit values will be returned:
106
107       0  (EXIT_SUCCESS)
108              Successful program execution.
109
110       1  (EXIT_FAILURE)
111              The operation failed or the command syntax was not valid.
112
113       70  (EX_SOFTWARE)
114              libopts had an internal operational error.  Please report it to
115              autogen-users@lists.sourceforge.net.  Thank you.
116

SEE ALSO

118       gnutls-cli(1), gnutls-serv(1)
119

AUTHORS

121       Nikos Mavrogiannopoulos, Simon Josefsson and others; see
122       /usr/share/doc/gnutls/AUTHORS for a complete list.
123

COPYRIGHT

125       Copyright (C) 2000-2018 Free Software Foundation, and others all rights
126       reserved.  This program is released under the terms of the GNU General
127       Public License, version 3 or later.
128

BUGS

130       Please send bug reports to: bugs@gnutls.org
131

NOTES

133       This manual page was AutoGen-erated from the gnutls-cli-debug option
134       definitions.
135
136
137
1383.3.29                            16 Feb 2018              gnutls-cli-debug(1)