Testing websites, it’s sometimes beneficial to just telnet google.com 80
and speak HTTP. But, of course, that won’t work for HTTPS sites, because you’re expected to set up an SSL connection, not send HTTP commands.
It turns out you have two options (at least), but neither involves using telnet.
Use openssl
This is the more common one: use the s_client option on the OpenSSL CLI tool.
Matthew.Wagner ~ $ openssl s_client -connect ma.ttwagner.com:443 CONNECTED(00000003) depth=1 /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2 verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain ...
This will output a ton of SSL information, but then you’re in the equivalent of a telnet session, tunneled through a secure connection. You can use your classic dialog, e.g.,
GET / HTTP/1.1 HOST: ma.ttwagner.com
And you’ll get the expected response.
Use gnutls-cli
Thanks to a fellow Matt, at bearfruit.org, for this great suggestion. If you’ve got gnutls
installed, it’s even easier:
Matthew.Wagner ~ $ gnutls-cli login.yahoo.com Processed 237 CA certificate(s). Resolving 'login.yahoo.com'... Connecting to '98.139.21.169:443'... Cannot connect to 98.139.21.169:443: Operation timed out
(The “Cannot connect” error is not erroneous. I was confirming that my browser wasn’t insane, and that login.yahoo.com really was down at the time.)
gnutls-cli
is present on my Mac, but not on a CentOS box. There, it’s provided by gnutls-utils
.
NOT WORKING
It works – just tested it!