<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Ask LibreSSL for support here. LibreSSL it **not** OpenSSL.<br>
<br>
<br>
Pauli<br>
<br>
<div class="moz-cite-prefix">On 4/3/22 3:55 pm, Edward Tsang via
openssl-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACrfNRGLZX=cqAvxurg9pVYeVya+8pihPEFNrVaHWdrFDj0v+A@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">the openssl I'm using is in mac
<div>openssl version -a<br>
</div>
<div>LibreSSL 2.8.3<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Mar 3, 2022 at 8:05 PM
Edward Tsang <<a href="mailto:etsang@splunk.com"
moz-do-not-send="true" class="moz-txt-link-freetext">etsang@splunk.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Ok here is what I tried but still complaining about
unknown options -verify_hostname </div>
openssl s_client -connect <a href="http://google.com"
target="_blank" moz-do-not-send="true">google.com</a>
-CAfile etc/auth/cacert.pem -verify_hostname <a
href="http://google.com" target="_blank"
moz-do-not-send="true">google.com</a> -verify_return_error<br>
unknown option -verify_hostname<br>
usage: s_client args<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Mar 3, 2022 at
4:10 PM Viktor Dukhovni <<a
href="mailto:openssl-users@dukhovni.org" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">openssl-users@dukhovni.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">[ External sender.
Exercise caution. ]<br>
<br>
> On 3 Mar 2022, at 6:09 pm, Edward Tsang via
openssl-users <<a
href="mailto:openssl-users@openssl.org" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">openssl-users@openssl.org</a>>
wrote:<br>
> <br>
> openssl s_client -CApath . -CAfile ./cacert.pem
-verify_hostname <a href="http://example.com"
rel="noreferrer" target="_blank" moz-do-not-send="true">example.com</a><br>
> <br>
> All I get is "unknown option -verify_hostname<br>
> usage: s_client args"<br>
> <br>
> Have tried combinations of that and check out of
doc... really not helping.<br>
<br>
You need to specify a server to connect to via the
"-connect" option. It<br>
takes a hostname or IP address as a required argument,
with an optional<br>
":port" suffix.<br>
<br>
-connect <a href="http://www.example.com:443"
rel="noreferrer" target="_blank" moz-do-not-send="true">www.example.com:443</a><br>
-connect <a href="http://192.0.2.1:443"
rel="noreferrer" target="_blank" moz-do-not-send="true">192.0.2.1:443</a><br>
-connect [::1]:443<br>
...<br>
<br>
You may also want "-brief" and "-verify_return_error".<br>
<br>
-- <br>
Viktor.<br>
<br>
<br>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>