LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    s_time

    
    
    

    SYNOPSIS

           openssl s_time [-connect host:port] [-www page] [-cert filename] [-key
           filename] [-CApath directory] [-CAfile filename] [-trusted_first]
           [-reuse] [-new] [-verify depth] [-nbio] [-time seconds] [-ssl2] [-ssl3]
           [-bugs] [-cipher cipherlist]
    
    
    

    DESCRIPTION

           The s_client command implements a generic SSL/TLS client which connects
           to a remote host using SSL/TLS. It can request a page from the server
           and includes the time to transfer the payload data in its timing
           measurements. It measures the number of connections within a given
           timeframe, the amount of data transferred (if any), and calculates the
           average time spent for one connection.
    
    
    

    OPTIONS

           -connect host:port
               This specifies the host and optional port to connect to.
    
           -www page
               This specifies the page to GET from the server. A value of '/' gets
               the index.htm[l] page. If this parameter is not specified, then
               s_time will only perform the handshake to establish SSL connections
               but not transfer any payload data.
    
           -cert certname
               The certificate to use, if one is requested by the server. The
               default is not to use a certificate. The file is in PEM format.
    
           -key keyfile
               The private key to use. If not specified then the certificate file
               will be used. The file is in PEM format.
    
           -verify depth
               The verify depth to use. This specifies the maximum length of the
               server certificate chain and turns on server certificate
               verification.  Currently the verify operation continues after
               errors so all the problems with a certificate chain can be seen. As
               a side effect the connection will never fail due to a server
               certificate verify failure.
    
           -CApath directory
               The directory to use for server certificate verification. This
               directory must be in "hash format", see verify for more
               information. These are also used when building the client
               certificate chain.
    
           -CAfile file
               A file containing trusted certificates to use during server
               authentication and to use when attempting to build the client
               certificate chain.
    
           -trusted_first
               sequence.
    
           -nbio
               turns on non-blocking I/O.
    
           -ssl2, -ssl3
               these options disable the use of certain SSL or TLS protocols. By
               default the initial handshake uses a method which should be
               compatible with all servers and permit them to use SSL v3, SSL v2
               or TLS as appropriate.  The timing program is not as rich in
               options to turn protocols on and off as the s_client(1) program and
               may not connect to all servers.
    
               Unfortunately there are a lot of ancient and broken servers in use
               which cannot handle this technique and will fail to connect. Some
               servers only work if TLS is turned off with the -ssl3 option;
               others will only support SSL v2 and may need the -ssl2 option.
    
           -bugs
               there are several known bug in SSL and TLS implementations. Adding
               this option enables various workarounds.
    
           -cipher cipherlist
               this allows the cipher list sent by the client to be modified.
               Although the server determines which cipher suite is used it should
               take the first supported cipher in the list sent by the client.
               See the ciphers(1) command for more information.
    
           -time length
               specifies how long (in seconds) s_time should establish connections
               and optionally transfer payload data from a server. Server and
               client performance and the link speed determine how many
               connections s_time can establish.
    
    
    

    NOTES

           s_client can be used to measure the performance of an SSL connection.
           To connect to an SSL HTTP server and get the default page the command
    
            openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
    
           would typically be used (https uses port 443). 'commoncipher' is a
           cipher to which both client and server can agree, see the ciphers(1)
           command for details.
    
           If the handshake fails then there are several possible causes, if it is
           nothing obvious like no client certificate then the -bugs, -ssl2, -ssl3
           options can be tried in case it is a buggy server. In particular you
           should play with these options before submitting a bug report to an
           OpenSSL mailing list.
    
           A frequent problem when attempting to get client certificates working
           is that a web client complains it has no certificates or gives an empty
           Because this program does not have all the options of the s_client(1)
           program to turn protocols on and off, you may not be able to measure
           the performance of all protocols with all servers.
    
           The -verify option should really exit if the server verification fails.
    
    
    

    SEE ALSO

           s_client(1), s_server(1), ciphers(1)
    
    
    

    1.0.1e 2016-01-07 S_TIME(1)

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz