:::: MENU ::::

Testing website using telnet (SSL/HTTPS)

  • Jun 06 / 2014
  • 0
Linux

Testing website using telnet (SSL/HTTPS)

When developping a website, you could need to send custom requests to your server so you can analyze its behavior and its responses.

If you’re not using secured protocol, that’s easy, you just need to connect to port 80 (usually) on your server and send your request as:

telnet www.python.org 80
GET /index.html HTTP/1.1
Host: www.python.org

You will immediately get the server response with the headers:

HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Location: https://www.python.org/index.html
Content-Length: 0
Accept-Ranges: bytes
Date: Fri, 06 Jun 2014 22:14:49 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-fra1229-FRA
X-Cache: MISS
X-Cache-Hits: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains

But now, if you want to send the same request to a server running on secured protocol (as HTTPS on port 443), you can’t use this method given that the request will be sent in plain text and the server won’t be able to understand it.

You will need to use the tool s_client provided with openssl. Once the tool is started, you wil immediately receive the certificate informations and will be able to send your request:

openssl s_client -connect www.python.org:443
[CERTIFICATE INFORMATION]
---
GET /index.html HTTP/1.1
Host: www.python.org

You will immediately get the server response with the headers as previously (in my example, a 404 error is sent back due to a non-existing page requested):

HTTP/1.1 404 NOT FOUND
Date: Fri, 06 Jun 2014 22:23:47 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Length: 28918
Accept-Ranges: bytes
Via: 1.1 varnish
Age: 0
X-Served-By: cache-lcy1128-LCY
X-Cache: MISS
X-Cache-Hits: 0
Vary: Cookie
Strict-Transport-Security: max-age=63072000; includeSubDomains

That’s all folk 😉 !

Comments are closed.

Question ? Contact