Package: openssl Version: 1.0.2d-1 Severity: normal Dear Maintainer,
I use openssl to check that certificate installed on different hosts match some DNS names. According "openssl s_client help" command, I use: openssl s_client -connect "debian.com:443" -verify_host debian.com But I get: *** damien@me:$ openssl s_client -connect "debian.com:443" -verify_host debian.com unknown option -verify_host usage: s_client args -host host - use -connect instead -port port - use -connect instead -connect host:port - who to connect to (default is localhost:4433) -verify_host host - check peer certificate matches "host" .... **** We can see that "verify_host" is unknown but present in the "usage". I found an openssl mail here : https://mta.openssl.org/pipermail/openssl- dev/2015-April.txt We can see that the option checked in the code is "-verify_hostname" and not "-verify_host" And yes, if I try: openssl s_client -connect "debian.com:443" -verify_hostname debian.com ->It works. It would be cool if you could path openssl to have the good display of the "usage". Regards -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssl depends on: ii libc6 2.19-22 ii libssl1.0.0 1.0.2d-1 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20150426 OpenSSL version : 1.0.2d 9 Jul 2015 openssl package version: 1.0.2d-1

