How to telnet to port 443 to test HTTPS sites

Testing websites, it’s sometimes beneficial to just telnet 80 and speak HTTP. But, of course, that won’t work for HTTPS sites, because you’re expected to set up an SSL connection, not send HTTP commands.

It turns out you have two options (at least), but neither involves using telnet.

Use openssl

This is the more common one: use the s_client option on the OpenSSL CLI tool.

Matthew.Wagner ~ $ openssl s_client -connect
depth=1 /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
Certificate chain

This will output a ton of SSL information, but then you’re in the equivalent of a telnet session, tunneled through a secure connection. You can use your classic dialog, e.g.,

GET / HTTP/1.1

And you’ll get the expected response.

Use gnutls-cli

Thanks to a fellow Matt, at, for this great suggestion. If you’ve got gnutls installed, it’s even easier:

Matthew.Wagner ~ $ gnutls-cli
Processed 237 CA certificate(s).
Resolving ''...
Connecting to ''...
Cannot connect to Operation timed out

(The “Cannot connect” error is not erroneous. I was confirming that my browser wasn’t insane, and that really was down at the time.)

gnutls-cli is present on my Mac, but not on a CentOS box. There, it’s provided by gnutls-utils.

3 thoughts on “How to telnet to port 443 to test HTTPS sites

Leave a Reply

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    Markdown is turned off in code blocks:
     [This is not a link](

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see