Info
Content
Books
Linux
OpenSSL
Testing with OpenSSL

Testing with OpenSSL

OpenSSL имеет встроенную клиентскую утилиту для подключения к защищенным серверам

openssl s_client -connect server.com:443

Она похожа на telnet или nc
Позволяет контролировать следующий за SSL/TLS уровень
На вход требует сервер и порт

Пример
Дернем страничку через TELNET

root@three:~# telnet example.com 80
Trying 93.184.216.34...
Connected to example.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: example.com

HTTP/1.1 200 OK
...
Content-Length: 1256

<!doctype html>
<html>
<head>
    <title>Example Domain</title>
...
    <style type="text/css">
    body {
        background-color: #f0f0f2;
        ...
    </style>
</head>

<body>
<div>
    <h1>Example Domain</h1>
    <p>This domain is for use in illustrative examples in documents. You may use this
    domain in literature without prior coordination or asking for permission.</p>
    <p><a href="https://www.iana.org/domains/example">More information...</a></p>
</div>
</body>
</html>

^CConnection closed by foreign host.

То же самое через S_CLIENT

root@three:~# openssl s_client -connect example.com:443
CONNECTED(00000003)
... # разная отладачная инфа про серты
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=C = US, ST = California, L = Los Angeles, O = Internet Corporation for Assigned Names and Numbers, CN = www.example.org
issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
---
... # еще какая-то инфа
---
SSL handshake has read 4654 bytes and written 719 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
...
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    ...
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
...
---
read R BLOCK ### И наконец полезная инфа (делаем свой запрос)
GET / HTTP/1.1
Host: example.com

HTTP/1.1 200 OK # (получаем ответ)
... # headers

<!doctype html>
<html>
<head>
    <title>Example Domain</title>

    <meta cha...
</head>

<body>
<div>
    <h1>Example Domain</h1>
    <p>This domain is for use in illustrative examples in documents. You may use this
    domain in literature without prior coordination or asking for permission.</p>
    <p><a href="https://www.iana.org/domains/example">More information...</a></p>
</div>
</body>
</html>
^C

остановился на странице 49

No Comments
Details
Revision #1
Created 3 years ago by Ivan Dudin
Updated 3 years ago by Ivan Dudin
Book Permissions Active
Actions
Export
Back to top