Testing HTTPS

In order to test a HTTP connection and response you are probably already familiar with telnet to do a HTTP GET request against port 80. However it’s not possible to use the same technique for testing a webserver response on port 443 (SSL), as you can see below.

[code lang=”text”]
$ telnet webserver.local 443
Connected to webserver.local.
Escape character is ‘^]’.
GET / HTTP/1.1
host: webserver.local

Bad Request

Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

To do a HTTP get against a SSL secured website you need openssl to do the magic. See the following example.

[code lang=”text”]

$ openssl s_client -connect webserver.local:443 -state -debug
GET / HTTP/1.0
host: webserver.local