58f523beba
Change Ed25519 in TLS 1.2 to keep a copy of all the messages for certificate verification - interop with OpenSSL.
60 lines
1.5 KiB
Plaintext
60 lines
1.5 KiB
Plaintext
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
|
|
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
|
|
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-A ./certs/ed25519/client-ed25519.pem
|
|
-V
|
|
# Remove -V when CRL for ED25519 certificates available.
|
|
|
|
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/client-ed25519.pem
|
|
-k ./certs/ed25519/client-ed25519-key.pem
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
|
|
# server TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
|
|
# client TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
|
|
# Enable when CRL for ED25519 certificates available.
|
|
# server TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-A ./certs/ed25519/client-ed25519.pem
|
|
-V
|
|
# Remove -V when CRL for ED25519 certificates available.
|
|
|
|
# client TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/client-ed25519.pem
|
|
-k ./certs/ed25519/client-ed25519-key.pem
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
|