: SSL TLS
It is often convenient to test certain servers which work with text-based protocols manually. For example, sending basic email over SMTP protocol or making request over HTTP. With encryption layer (SSL/TLS) it is not possible directly. Package openssl provides tools for this:
openssl s_client -connect google.com:443
As soon as connection is made, commands can be issued manually as if the connection was made by telnet.
In addition to that, the same utility may be useful to check output of encryption layer negotiation for SSL/TLS troubleshooting:
CONNECTED(00000003) depth=2 C = US, O = "VeriSign, Inc.", OU = Class 3 Public Primary Certification Authority verify return:1 depth=1 C = ZA, O = Thawte Consulting (Pty) Ltd., CN = Thawte SGC CA verify return:1 depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = www.google.com verify return:1 --- Certificate chain 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority --- Server certificate -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA --- No client certificate CA names sent --- SSL handshake has read 1907 bytes and written 299 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: ... Start Time: 1314548096 Timeout : 300 (sec) Verify return code: 0 (ok) ---