1gnutls-serv(1) General Commands Manual gnutls-serv(1)
2
3
4
6 gnutls-serv - GnuTLS test server
7
9 gnutls-serv [options]
10
12 Simple server program that listens to incoming TLS connections.
13
15 Program control options
16 -d, --debug LEVEL
17 Specify the debug level. Default is 1.
18
19 -h, --help
20 prints this help
21
22 -l, --list
23 Print a list of the supported algorithms and modes.
24
25 -q, --quiet
26 Suppress some messages.
27
28 -v, --version
29 prints the program's version number
30
31
32 Server options
33 -p, --port integer
34 The port to listen on.
35
36 --nodb Does not use the resume database.
37
38 --http Act as an HTTP Server.
39
40 --echo Act as an Echo Server.
41
42
43 TLS/SSL control options
44 --priority PRIORITY STRING
45 TLS algorithms and protocols to enable. You can use predefined
46 sets of ciphersuites such as:
47
48 PERFORMANCE all the "secure" ciphersuites are enabled, limited
49 to 128 bit ciphers and sorted by terms of speed performance.
50
51 NORMAL option enables all "secure" ciphersuites. The 256-bit
52 ciphers are included as a fallback only. The ciphers are sorted
53 by security margin.
54
55 SECURE128 flag enables all "secure" ciphersuites with ciphers up
56 to 128 bits, sorted by security margin.
57
58 SECURE256 flag enables all "secure" ciphersuites including the
59 256 bit ciphers, sorted by security margin.
60
61 EXPORT all the ciphersuites are enabled, including the low-secu‐
62 rity 40 bit ciphers.
63
64 NONE nothing is enabled. This disables even protocols and com‐
65 pression methods.
66
67 Check the GnuTLS manual on section "Priority strings" for more
68 information on allowed keywords.
69
70 Examples:
71
72 "NORMAL"
73
74 "NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-
75 NULL"
76
77 "NORMAL:-ARCFOUR-128" means normal ciphers except for ARC‐
78 FOUR-128.
79
80 "SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure
81 ciphers are enabled, SSL3.0 is disabled, and libz compression
82 enabled.
83
84 "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-
85 RSA-SHA1"
86
87 "NORMAL:%COMPAT" is the most compatible mode
88
89
90 -g, --generate
91 Generate Diffie-Hellman Parameters.
92
93 --kx kx1 kx2...
94 Key exchange methods to enable (use gnutls-cli --list to show
95 the supported key exchange methods).
96
97 -p, --port integer
98 The port to connect to.
99
100
101 Certificate options
102 --pgpcertfile FILE
103 PGP Public Key (certificate) file to use.
104
105 --pgpkeyfile FILE
106 PGP Key file to use.
107
108 --pgpkeyring FILE
109 PGP Key ring file to use.
110
111 --pgptrustdb FILE
112 PGP trustdb file to use.
113
114 --srppasswd FILE
115 SRP password file to use.
116
117 --srppasswdconf FILE
118 SRP password configuration file to use.
119
120 --x509cafile FILE
121 Certificate file to use.
122
123 --x509certfile FILE
124 X.509 Certificate file to use.
125
126 --x509fmtder
127 Use DER format for certificates
128
129 --x509keyfile FILE
130 X.509 key file to use.
131
132
134 gnutls-cli(1), gnutls-cli-debug(1)
135
137 Nikos Mavrogiannopoulos <nmav@gnutls.org> and others; see
138 /usr/share/doc/gnutls-bin/AUTHORS for a complete list.
139
140 This manual page was written by Ivo Timmermans <ivo@debian.org>, for
141 the Debian GNU/Linux system (but may be used by others).
142
143
144
145 December 1st 2003 gnutls-serv(1)