230 lines
6.5 KiB
HTML
230 lines
6.5 KiB
HTML
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML><HEAD><TITLE>Man page of SESS_ID</TITLE>
|
|
</HEAD><BODY>
|
|
<H1>SESS_ID</H1>
|
|
Section: OpenSSL (1SSL)<BR>Updated: 2021-03-22<BR><A HREF="#index">Index</A>
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAB"> </A>
|
|
<H2>NAME</H2>
|
|
|
|
openssl-sess_id, sess_id - SSL/TLS session handling utility
|
|
<A NAME="lbAC"> </A>
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
|
|
|
|
<B>openssl</B> <B>sess_id</B>
|
|
[<B>-help</B>]
|
|
[<B>-inform PEM|DER</B>]
|
|
[<B>-outform PEM|DER|NSS</B>]
|
|
[<B>-in filename</B>]
|
|
[<B>-out filename</B>]
|
|
[<B>-text</B>]
|
|
[<B>-noout</B>]
|
|
[<B>-context </B><FONT SIZE="-1"><B>ID</B></FONT><B></B>]
|
|
<A NAME="lbAD"> </A>
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
|
|
|
|
The <B>sess_id</B> process the encoded version of the <FONT SIZE="-1">SSL</FONT> session structure
|
|
and optionally prints out <FONT SIZE="-1">SSL</FONT> session details (for example the <FONT SIZE="-1">SSL</FONT> session
|
|
master key) in human readable format. Since this is a diagnostic tool that
|
|
needs some knowledge of the <FONT SIZE="-1">SSL</FONT> protocol to use properly, most users will
|
|
not need to use it.
|
|
<A NAME="lbAE"> </A>
|
|
<H2>OPTIONS</H2>
|
|
|
|
|
|
|
|
<DL COMPACT>
|
|
<DT id="1"><B>-help</B><DD>
|
|
|
|
|
|
Print out a usage message.
|
|
<DT id="2"><B>-inform DER|PEM</B><DD>
|
|
|
|
|
|
This specifies the input format. The <B></B><FONT SIZE="-1"><B>DER</B></FONT><B></B> option uses an <FONT SIZE="-1">ASN1 DER</FONT> encoded
|
|
format containing session details. The precise format can vary from one version
|
|
to the next. The <B></B><FONT SIZE="-1"><B>PEM</B></FONT><B></B> form is the default format: it consists of the <B></B><FONT SIZE="-1"><B>DER</B></FONT><B></B>
|
|
format base64 encoded with additional header and footer lines.
|
|
<DT id="3"><B>-outform DER|PEM|NSS</B><DD>
|
|
|
|
|
|
This specifies the output format. The <B></B><FONT SIZE="-1"><B>PEM</B></FONT><B></B> and <B></B><FONT SIZE="-1"><B>DER</B></FONT><B></B> options have the same meaning
|
|
and default as the <B>-inform</B> option. The <B></B><FONT SIZE="-1"><B>NSS</B></FONT><B></B> option outputs the session id and
|
|
the master key in <FONT SIZE="-1">NSS</FONT> keylog format.
|
|
<DT id="4"><B>-in filename</B><DD>
|
|
|
|
|
|
This specifies the input filename to read session information from or standard
|
|
input by default.
|
|
<DT id="5"><B>-out filename</B><DD>
|
|
|
|
|
|
This specifies the output filename to write session information to or standard
|
|
output if this option is not specified.
|
|
<DT id="6"><B>-text</B><DD>
|
|
|
|
|
|
Prints out the various public or private key components in
|
|
plain text in addition to the encoded version.
|
|
<DT id="7"><B>-cert</B><DD>
|
|
|
|
|
|
If a certificate is present in the session it will be output using this option,
|
|
if the <B>-text</B> option is also present then it will be printed out in text form.
|
|
<DT id="8"><B>-noout</B><DD>
|
|
|
|
|
|
This option prevents output of the encoded version of the session.
|
|
<DT id="9"><B>-context </B><FONT SIZE="-1"><B>ID</B></FONT><B></B><DD>
|
|
|
|
|
|
This option can set the session id so the output session information uses the
|
|
supplied <FONT SIZE="-1">ID.</FONT> The <FONT SIZE="-1">ID</FONT> can be any string of characters. This option won't normally
|
|
be used.
|
|
</DL>
|
|
<A NAME="lbAF"> </A>
|
|
<H2>OUTPUT</H2>
|
|
|
|
|
|
|
|
Typical output:
|
|
<P>
|
|
|
|
|
|
|
|
<PRE>
|
|
SSL-Session:
|
|
Protocol : TLSv1
|
|
Cipher : 0016
|
|
Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
|
|
Session-ID-ctx: 01000000
|
|
Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
|
|
Key-Arg : None
|
|
Start Time: 948459261
|
|
Timeout : 300 (sec)
|
|
Verify return code 0 (ok)
|
|
|
|
</PRE>
|
|
|
|
|
|
<P>
|
|
|
|
These are described below in more detail.
|
|
<DL COMPACT>
|
|
<DT id="10"><B>Protocol</B><DD>
|
|
|
|
|
|
This is the protocol in use TLSv1.3, TLSv1.2, TLSv1.1, TLSv1 or SSLv3.
|
|
<DT id="11"><B>Cipher</B><DD>
|
|
|
|
|
|
The cipher used this is the actual raw <FONT SIZE="-1">SSL</FONT> or <FONT SIZE="-1">TLS</FONT> cipher code, see the <FONT SIZE="-1">SSL</FONT>
|
|
or <FONT SIZE="-1">TLS</FONT> specifications for more information.
|
|
<DT id="12"><B>Session-ID</B><DD>
|
|
|
|
|
|
The <FONT SIZE="-1">SSL</FONT> session <FONT SIZE="-1">ID</FONT> in hex format.
|
|
<DT id="13"><B>Session-ID-ctx</B><DD>
|
|
|
|
|
|
The session <FONT SIZE="-1">ID</FONT> context in hex format.
|
|
<DT id="14"><B>Master-Key</B><DD>
|
|
|
|
|
|
This is the <FONT SIZE="-1">SSL</FONT> session master key.
|
|
<DT id="15"><B>Start Time</B><DD>
|
|
|
|
|
|
This is the session start time represented as an integer in standard
|
|
Unix format.
|
|
<DT id="16"><B>Timeout</B><DD>
|
|
|
|
|
|
The timeout in seconds.
|
|
<DT id="17"><B>Verify return code</B><DD>
|
|
|
|
|
|
This is the return code when an <FONT SIZE="-1">SSL</FONT> client certificate is verified.
|
|
</DL>
|
|
<A NAME="lbAG"> </A>
|
|
<H2>NOTES</H2>
|
|
|
|
|
|
|
|
The <FONT SIZE="-1">PEM</FONT> encoded session format uses the header and footer lines:
|
|
<P>
|
|
|
|
|
|
|
|
<PRE>
|
|
-----BEGIN SSL SESSION PARAMETERS-----
|
|
-----END SSL SESSION PARAMETERS-----
|
|
|
|
</PRE>
|
|
|
|
|
|
<P>
|
|
|
|
Since the <FONT SIZE="-1">SSL</FONT> session output contains the master key it is
|
|
possible to read the contents of an encrypted session using this
|
|
information. Therefore appropriate security precautions should be taken if
|
|
the information is being output by a ``real'' application. This is however
|
|
strongly discouraged and should only be used for debugging purposes.
|
|
<A NAME="lbAH"> </A>
|
|
<H2>BUGS</H2>
|
|
|
|
|
|
|
|
The cipher and start time should be printed out in human readable form.
|
|
<A NAME="lbAI"> </A>
|
|
<H2>SEE ALSO</H2>
|
|
|
|
|
|
|
|
<B><A HREF="/cgi-bin/man/man2html?1+ciphers">ciphers</A></B>(1), <B><A HREF="/cgi-bin/man/man2html?1+s_server">s_server</A></B>(1)
|
|
<A NAME="lbAJ"> </A>
|
|
<H2>COPYRIGHT</H2>
|
|
|
|
|
|
|
|
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
<P>
|
|
|
|
Licensed under the OpenSSL license (the ``License''). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file <FONT SIZE="-1">LICENSE</FONT> in the source distribution or at
|
|
<<A HREF="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</A>>.
|
|
<P>
|
|
|
|
<HR>
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
<DL>
|
|
<DT id="18"><A HREF="#lbAB">NAME</A><DD>
|
|
<DT id="19"><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
<DT id="20"><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
<DT id="21"><A HREF="#lbAE">OPTIONS</A><DD>
|
|
<DT id="22"><A HREF="#lbAF">OUTPUT</A><DD>
|
|
<DT id="23"><A HREF="#lbAG">NOTES</A><DD>
|
|
<DT id="24"><A HREF="#lbAH">BUGS</A><DD>
|
|
<DT id="25"><A HREF="#lbAI">SEE ALSO</A><DD>
|
|
<DT id="26"><A HREF="#lbAJ">COPYRIGHT</A><DD>
|
|
</DL>
|
|
<HR>
|
|
This document was created by
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
using the manual pages.<BR>
|
|
Time: 00:05:26 GMT, March 31, 2021
|
|
</BODY>
|
|
</HTML>
|