is there any working example of how to use verify_hostname in command line?
pauli at openssl.org
pauli at openssl.org
Fri Mar 4 05:07:15 UTC 2022
Ask LibreSSL for support here. LibreSSL it **not** OpenSSL.
Pauli
On 4/3/22 3:55 pm, Edward Tsang via openssl-users wrote:
> the openssl I'm using is in mac
> openssl version -a
> LibreSSL 2.8.3
>
> On Thu, Mar 3, 2022 at 8:05 PM Edward Tsang <etsang at splunk.com> wrote:
>
> Ok here is what I tried but still complaining about unknown
> options -verify_hostname
> openssl s_client -connect google.com <http://google.com> -CAfile
> etc/auth/cacert.pem -verify_hostname google.com
> <http://google.com> -verify_return_error
> unknown option -verify_hostname
> usage: s_client args
>
> On Thu, Mar 3, 2022 at 4:10 PM Viktor Dukhovni
> <openssl-users at dukhovni.org> wrote:
>
> [ External sender. Exercise caution. ]
>
> > On 3 Mar 2022, at 6:09 pm, Edward Tsang via openssl-users
> <openssl-users at openssl.org> wrote:
> >
> > openssl s_client -CApath . -CAfile ./cacert.pem
> -verify_hostname example.com <http://example.com>
> >
> > All I get is "unknown option -verify_hostname
> > usage: s_client args"
> >
> > Have tried combinations of that and check out of doc...
> really not helping.
>
> You need to specify a server to connect to via the "-connect"
> option. It
> takes a hostname or IP address as a required argument, with an
> optional
> ":port" suffix.
>
> -connect www.example.com:443 <http://www.example.com:443>
> -connect 192.0.2.1:443 <http://192.0.2.1:443>
> -connect [::1]:443
> ...
>
> You may also want "-brief" and "-verify_return_error".
>
> --
> Viktor.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220304/d7cbe9a8/attachment.htm>
More information about the openssl-users
mailing list