Initiate SSL secured TCP connections to remote services
Establishing a TCP connection to an SSL-secured remote service is not possible using `telnet` or `nc`.
However, you can use `openssl` for that:

```
openssl s_client -connect www.makandra.com:443
```
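
The same connection with certificate verification switched on, as an added example that is not part of the original card. `tls_request` and `demo_local` are hypothetical helper names, the port, file names and throwaway certificates are constructed, and `-verify_hostname` assumes OpenSSL 1.1.0 or later.

```shell
#!/usr/bin/env bash
# Added example; host names, port and file names below are constructed.

# tls_request HOST PORT CAFILE: send one HTTP request over a verified TLS connection.
#   -servername           send SNI so name-based virtual hosts present the right certificate
#   -verify_return_error  abort the handshake on a verification failure
#                         (by default s_client only reports the error and continues)
#   -verify_hostname      also require the certificate to match HOST
#   -quiet                suppress the handshake dump; keep reading after stdin reaches EOF
tls_request() {
  local host="$1" port="$2" cafile="$3"
  printf 'GET / HTTP/1.0\r\nHost: %s\r\n\r\n' "$host" |
    openssl s_client -connect "$host:$port" -servername "$host" \
      -CAfile "$cafile" -verify_return_error -verify_hostname "$host" \
      -quiet 2>/dev/null | tr -d '\r'
}

# demo_local [PORT]: start a throwaway TLS server on localhost, then query it once
# trusting its certificate and once trusting only an unrelated certificate.
demo_local() {
  local port="${1:-44330}" dir srv good bad
  dir="$(mktemp -d)" || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=localhost" \
    -keyout "$dir/server.key" -out "$dir/server.pem" 2>/dev/null || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=unrelated.invalid" \
    -keyout "$dir/other.key" -out "$dir/other.pem" 2>/dev/null || return 1
  # -www makes s_server answer a GET with a small status page and close the connection
  openssl s_server -accept "$port" -cert "$dir/server.pem" -key "$dir/server.key" \
    -www -quiet </dev/null >/dev/null 2>&1 &
  srv=$!
  sleep 1   # give the server time to bind
  good="$(tls_request localhost "$port" "$dir/server.pem" | head -n 1)"
  bad="$(tls_request localhost "$port" "$dir/other.pem" | head -n 1)"
  kill "$srv" 2>/dev/null || true
  wait "$srv" 2>/dev/null || true
  rm -rf "$dir"
  printf 'trusted=%s\nuntrusted=%s\n' "$good" "$bad"
}
```

Calling `demo_local` prints the HTTP status line for the trusted run and an empty value for the untrusted one, because the handshake is aborted before any request is sent.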