IRC shelled to my Linux server running Rhapsody by blakespot

telnet for testing ssl/https websites

Matthew Nuzum —  — 8 Comments

OK, here’s the problem… you want to test a website by sending custom headers, but the website uses https. Normally you’d just telnet to port 80 like so:

telnet www.somesite 80
GET /index.html HTTP/1.1
Host: www.somesite

(Note you need to press enter twice at the end)

This would be a valid HTTP GET request and you’d see the server’s response headers and response data. But with an SSL website this won’t work at all. What do you do?

Use openssl of course. The openssl s_client program works perfectly here:

openssl s_client -connect www.somesite:443
[watch the ssl certificate details scroll by]
GET /index.html HTTP/1.1
Host: www.somesite

(again you need to press enter twice)

VOILA! But one gotcha… when using telnet the webserver would patiently wait for me to type out the request completely. s_client does NOT. So type out your request in a text editor and have it ready to paste in right after the ssl cert details scroll by.

I’ve only tried it with Ubuntu Linux but it should work on any Linux and Mac OS if you have openssl installed. There is a version for Windows too.

Thanks Ng, one of the phenomenal Canonical sysadmins for this tip. Also, Steve Langasek, the Ubuntu release manager suggests gnutls. It works similarly:

gnutls www.somesite

No need to specify a port number or use any command line options. Note that like s_client you need to be ready to paste your request in. apt-get install gnutls-bin will take care of you here.

If it helped, please share!Tweet about this on TwitterShare on FacebookShare on LinkedInShare on Google+

Matthew Nuzum

Posts Twitter Facebook

Web guy, big thinker, loves to talk and write. Front end web, mobile and UX developer for John Deere ISG. My projects: @dsmwebgeeks @tekrs @squaretap ✝
  • rlively

    Fantastic idea. It worked perfectly for testing an SSL website. It’s amazing how many so-called “web developers” have absolutely no idea what HTTP headers are or how their site gets served, but for those of us that do have an idea, this is a great tip. Thanks.

  • Bernard

    Thanks !!

  • Chuki

    Te answer is BAD REQUEST:


    400 Bad Request

    Bad Request
    Your browser sent a request that this server could not understand.

    Apache Server at …… Port 443

    closed

    • h2o

      Try with a sample

      GET /

  • matt

    I don’t think understanding HTTP headers is necessary to create good websites but as you get more involved with web services and server side programming then not having a thorough understanding will limit your potential.

  • Philip

    Works great! thanks for the tip! It’s vital to have openssl to get this to work.

    Wish there was a way to do this with cisco. I can connect, but don’t get any certificate detials for example.

    CPESE_STO000188#telnet 74.125.39.17 443 /source-interface GigabitEthernet0/1
    Trying 74.125.39.17, 443 … Open
    GET / HTTP/1.1
    [Connection to 74.125.39.17 closed by foreign host]

  • Sanyi

    Just a quick question… Why do you need to press Enter twice?

  • matt

    Because the HTTP says there is a blank line after the headers end and the content begins.