Man Linux: Main Page and Category List

NAME

       gnutls-serv - GNU TLS test server

SYNOPSIS

       gnutls-serv [options]

DESCRIPTION

       Simple server program that listens to incoming TLS connections.

OPTIONS

   Program control options
       -d, --debug LEVEL
              Specify the debug level. Default is 1.

       -h, --help
              prints this help

       -l, --list
              Print a list of the supported algorithms and modes.

       -q, --quiet
              Suppress some messages.

       -v, --version
              prints the program’s version number

   Server options
       -p, --port integer
              The port to listen on.

       --nodb Does not use the resume database.

       --http Act as an HTTP Server.

       --echo Act as an Echo Server.

   TLS/SSL control options
       --priority PRIORITY STRING
              TLS  algorithms  and  protocols  to  enable.   Unless  the first
              keyword is "NONE" the defaults are:

              Protocols: TLS1.1, TLS1.0, and SSL3.0.

              Compression: NULL.

              Certificate types: X.509, OpenPGP.

              You can also use predefined sets of ciphersuites such as:

              PERFORMANCE all the "secure" ciphersuites are  enabled,  limited
              to 128 bit ciphers and sorted by terms of speed performance.

              NORMAL  option  enables  all  "secure" ciphersuites. The 256-bit
              ciphers are included as a fallback only. The ciphers are  sorted
              by security margin.

              SECURE128 flag enables all "secure" ciphersuites with ciphers up
              to 128 bits, sorted by security margin.

              SECURE256 flag enables all "secure" ciphersuites  including  the
              256 bit ciphers, sorted by security margin.

              EXPORT  all  the  ciphersuites  are  enabled, including the low-
              security 40 bit ciphers.

              NONE nothing  is  enabled.  This  disables  even  protocols  and
              compression methods.

              Special keywords:

              To  avoid collisions in order to specify a compression algorithm
              in this string you have to  prefix  it  with  "COMP-",  protocol
              versions  with  "VERS-" and certificate types with "CTYPE-". All
              other algorithms don’t need a prefix.

              Examples:

              "NORMAL"

              "NORMAL:%COMPAT"

              "NORMAL:!AES-128-CBC"

              "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"

       -g, --generate
              Generate Diffie-Hellman Parameters.

       --kx kx1 kx2...
              Key exchange methods to enable (use gnutls-cli  --list  to  show
              the supported key exchange methods).

       -p, --port integer
              The port to connect to.

   Certificate options
       --pgpcertfile FILE
              PGP Public Key (certificate) file to use.

       --pgpkeyfile FILE
              PGP Key file to use.

       --pgpkeyring FILE
              PGP Key ring file to use.

       --pgptrustdb FILE
              PGP trustdb file to use.

       --srppasswd FILE
              SRP password file to use.

       --srppasswdconf FILE
              SRP password configuration file to use.

       --x509cafile FILE
              Certificate file to use.

       --x509certfile FILE
              X.509 Certificate file to use.

       --x509fmtder
              Use DER format for certificates

       --x509keyfile FILE
              X.509 key file to use.

SEE ALSO

       gnutls-cli(1), gnutls-cli-debug(1)

AUTHOR

       Nikos     Mavroyanopoulos    <nmav@gnutls.org>    and    others;    see
       /usr/share/doc/gnutls-bin/AUTHORS for a complete list.

       This manual page was written by Ivo  Timmermans  <ivo@debian.org>,  for
       the Debian GNU/Linux system (but may be used by others).

                               December 1st 2003                gnutls-serv(1)