Testing HTTPS

In order to test a HTTP connection and response you are probably already familiar with telnet to do a HTTP GET request against port 80. However it’s not possible to use the same technique for testing a webserver response on port 443 (SSL), as you can see below.

$ telnet webserver.local 443
Trying 192.168.1.2...
Connected to webserver.local.
Escape character is '^]'.
GET / HTTP/1.1<enter>
host: webserver.local<enter>
<enter>
<h1>Bad Request</h1>
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

To do a HTTP get against a SSL secured website you need openssl to do the magic. See the following example.


$ openssl s_client -connect webserver.local:443 -state -debug
GET / HTTP/1.0<enter>
host: webserver.local<enter>
<enter>