1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
<?xml version="1.0" encoding="utf-8"?>
<dl>
<dt><code>-p</code> <var>privkey.pem</var></dt>
<dt><code>--private-key=</code><var>privkey.pem</var></dt>
<dd>
Specifies a PEM file containing the private key used as
identity for outgoing SSL/TLS connections.
</dd>
<dt><code>-c</code> <var>cert.pem</var></dt>
<dt><code>--certificate=</code><var>cert.pem</var></dt>
<dd>
Specifies a PEM file containing a certificate that certifies the
private key specified on <code>-p</code> or <code>--private-key</code> to be
trustworthy. The certificate must be signed by the certificate
authority (CA) that the peer in SSL/TLS connections will use to verify it.
</dd>
<dt><code>-C</code> <var>cacert.pem</var></dt>
<dt><code>--ca-cert=</code><var>cacert.pem</var></dt>
<dd>
Specifies a PEM file containing the CA certificate for
verifying certificates presented to this program by SSL/TLS peers. (This
may be the same certificate that SSL/TLS peers use to verify the
certificate specified on <code>-c</code> or <code>--certificate</code>, or it may
be a different one, depending on the PKI design in use.)
</dd>
<dt><code>-C none</code></dt>
<dt><code>--ca-cert=none</code></dt>
<dd>
Disables verification of certificates presented by SSL/TLS peers. This
introduces a security risk, because it means that certificates cannot
be verified to be those of known trusted hosts.
</dd>
</dl>
|
