From SpectLog
Jump to: navigation, search


It is often convenient to test certain servers which work with text-based protocols manually. For example, sending basic email over SMTP protocol or making request over HTTP. With encryption layer (SSL/TLS) it is not possible directly. Package openssl provides tools for this:

openssl s_client -connect

As soon as connection is made, commands can be issued manually as if the connection was made by telnet.

In addition to that, the same utility may be useful to check output of encryption layer negotiation for SSL/TLS troubleshooting:

depth=2 C = US, O = "VeriSign, Inc.", OU = Class 3 Public Primary Certification Authority
verify return:1
depth=1 C = ZA, O = Thawte Consulting (Pty) Ltd., CN = Thawte SGC CA
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN =
verify return:1
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/
   i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
Server certificate
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
No client certificate CA names sent
SSL handshake has read 1907 bytes and written 299 bytes
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Start Time: 1314548096
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)