Specify the debug level. Default is 1.

prints this help

Print a list of the supported algorithms and modes.

Suppress some messages.

prints the program's version number

The port to listen on.

Does not use the resume database.

Act as an HTTP Server.

Act as an Echo Server.

TLS algorithms and protocols to enable. You can use predefined sets of ciphersuites such as:

all the "secure" ciphersuites are enabled, limited to 128 bit ciphers and sorted by terms of speed performance.

option enables all "secure" ciphersuites. The 256-bit ciphers are included as a fallback only. The ciphers are sorted by security margin.

flag enables all "secure" ciphersuites with ciphers up to 128 bits, sorted by security margin.

flag enables all "secure" ciphersuites including the 256 bit ciphers, sorted by security margin.

all the ciphersuites are enabled, including the low-security 40 bit ciphers.

nothing is enabled. This disables even protocols and compression methods.

Check the GnuTLS manual on section "Priority strings" for more information on allowed keywords.

Examples:

"NORMAL"

"NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"

"NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.

"SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are enabled, SSL3.0 is disabled, and libz compression enabled.

"NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1"

"NORMAL:%COMPAT" is the most compatible mode

Generate Diffie-Hellman Parameters.

Key exchange methods to enable (use gnutls−cli −−list to show the supported key exchange methods).

The port to connect to.

PGP Public Key (certificate) file to use.

PGP Key file to use.

PGP Key ring file to use.

PGP trustdb file to use.

SRP password file to use.

SRP password configuration file to use.

Certificate file to use.

X.509 Certificate file to use.

Use DER format for certificates

X.509 key file to use.