Next: , Previous: , Up: Top  

2 TLSd invocation

tlsd [option ...] [--] <command> [argument ...]

2.1 Command line arguments

-k keyfile

Private key file to use (default is /etc/tls/key.pem).

-c certfile

Certificate file to use (default is /etc/tls/cert.pem).

-p port

Port to listen on (default is to use a randomly selected one).

-b host

Bind address (default is

-s signo

Send a signal to a child on termination. No signal is sent by default: child processes are expected to exit once their stdin is closed.


Do not require a peer certificate. This makes the SHA256 environment variable for child processes optional.

-d directory

Write peer certificates in DER format into a directory.

-i ident

Syslog identifier to use.


Print messages into stderr, in addition to syslog.


Print a help message and exit.

2.2 Examples

2.2.1 Echo server

tlsd -e cat

2.2.2 Authentication

tlsd -p 5556 -- sh -c 'echo "Hello, ${SHA256}! I am a ${SIDE}."'

2.2.3 Connection initiation

echo 'localhost 5600' | tlsd -e echo 'hello'

2.3 Signals

The following signals are handled:


Terminate gracefully.


Reload key and certificate.