Сподіваюся, що всім відомо, що звичайне з'єднання по http-протоколу можна перевірити використовуючи звичайну команду telnet:
Виявляється, що теж доволі просто:
А як перевірити https/http2?$ telnet google.com.ua 80 Trying 172.217.20.163... Connected to google.com.ua. Escape character is '^]'. GET / HTTP/1.0 302 Found Cache-Control: private Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Location: http://www.google.com.ua/?gfe_rd=cr&dcr=0&ei=51chWtS7ErTi8Aed2bXIBA Content-Length: 272 Date: Fri, 01 Dec 2017 13:23:51 GMT <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="http://www.google.com.ua/?gfe_rd=cr&dcr=0&ei=51chWtS7ErTi8Aed2bXIBA">here</A>. </BODY></HTML> Connection closed by foreign host.
Виявляється, що теж доволі просто:
От так от.$ openssl s_client -connect google.com.ua:443 CONNECTED(00000003) depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority verify return:1 depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1 depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2 verify return:1 depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = google.com verify return:1 --- Certificate chain 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=google.com i:/C=US/O=Google Inc/CN=Google Internet Authority G2 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2 i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority --- Server certificate -----BEGIN CERTIFICATE----- MIIgzjCCH7agAwIBAgIIC3opcadHGlowDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE …skip… aVs= -----END CERTIFICATE----- subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=google.com issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2 --- No client certificate CA names sent --- SSL handshake has read 11078 bytes and written 415 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: CF87F01549DC0A0F009A3BE4125C7FC4CEA275ECA69BB770311C6D36FCF9D3F3 Session-ID-ctx: Master-Key: BFED552D2D80DDC539E59DAE4593F349FD4CB9AD334F3515640D213C3948771855C5F4EAA378025EF179BAD5FDC952AA Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 100800 (seconds) TLS session ticket: 0000 - 00 f6 8f 2c 19 9c a3 e3-1b 90 16 f0 0d c3 f7 c2 ...,............ …skip… 00d0 - 13 56 e8 9f 2e .V... Start Time: 1512134921 Timeout : 300 (sec) Verify return code: 0 (ok) --- GET / HTTP/1.0 302 Found Cache-Control: private Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Location: https://www.google.com.ua/?gfe_rd=cr&dcr=0&ei=DFkhWt_PNa_i8Aeci6y4AQ Content-Length: 273 Date: Fri, 01 Dec 2017 13:28:44 GMT Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="https://www.google.com.ua/?gfe_rd=cr&dcr=0&ei=DFkhWt_PNa_i8Aeci6y4AQ">here</A>. </BODY></HTML> read:errno=0
Приблизно те саме, але для smtp TLS:
Ну, а по інших моментах певно man openssl допомогти зможе :)openssl s_client -starttls smtp -crlf -connect smtp.mailgun.org:587
Немає коментарів:
Дописати коментар