In the good old days, the internet was a nice playground. Everything on the wire was plain text. A simple wirecapture was enough to understand the protocol. Debugging involved using telnet.
To check what a webserver return
echo -e "GET / HTTP/1.1\nhost:www.example.com\n\n" |\ nc physical.example.com 80
Then came the encryption, which makes a lot of sense. But testing any service becomes a bit more complicated. Luckily openssl comes with a nice commandline tool: openssl.
openssl s_client -connect www.example.com:443
To make the same example as before, you can’t simply replace the echo. openssl will terminate the connection as soon as the EOF ist sent via stdin. That is before the response is retrieved. So we make the echo in a subshell and add a sleep
(echo -e "GET / HTTP/1.1\nhost:www.example.com\n\n"; sleep 5) |\ openssl s_client -connect physical.example.com:443
Another nice thing is the check of certifcates. For example expiration date.
echo "" |\ openssl s_client -connect www.example.com:443 |\ openssl x509 -noout -enddate
Here the immediate termination by openssl is fine, we already got the cert.