How To‎ > ‎

Manual testing of HTTPS sites

My tool of choice for when you want to issue manual commands to HTTP servers is netcat, or telnet if netcat is not available. But when it comes to HTTPS sites it isn't that simple. There are some tools that can help you:
  • Paros Proxy allows you to enter manual requests
  • You can setup a SSL tunnel using stunnel
But I found out today that you can use the openssl command to connect to the SSL service and issue manual requests, like this:

openssl s_client -connect host:443 -state
GET / HTTP/1.0 

Pretty cool, and it works both under Linux and Windows.