The sess_id process the encoded version of the SSL session structure
and optionally prints out SSL session details (for example the SSL session
master key) in human readable format. Since this is a diagnostic tool that
needs some knowledge of the SSL protocol to use properly, most users will
not need to use it.
This specifies the input format. The DER option uses an ASN1 DER encoded
format containing session details. The precise format can vary from one version
to the next. The PEM form is the default format: it consists of the DER
format base64 encoded with additional header and footer lines.
This specifies the output format, the options have the same meaning as the
This specifies the input filename to read session information from or standard
input by default.
This specifies the output filename to write session information to or standard
output if this option is not specified.
prints out the various public or private key components in
plain text in addition to the encoded version.
if a certificate is present in the session it will be output using this option,
if the -text option is also present then it will be printed out in text form.
this option prevents output of the encoded version of the session.
this option can set the session id so the output session information uses the
supplied ID. The ID can be any string of characters. This option wont normally
Since the SSL session output contains the master key it is possible to read the contents
of an encrypted session using this information. Therefore appropriate security precautions
should be taken if the information is being output by a ``real'' application. This is
however strongly discouraged and should only be used for debugging purposes.
The cipher and start time should be printed out in human readable form.