s_client and gethostbyname failure

arahant picture arahant · Sep 8, 2016 · Viewed 9.1k times · Source

I am working with an external company. Lets call them evilcorp.com. I want to use openssl to debug a two way SSL handshake.

  • https://evilcorp.com is setup to not require client authentication.
  • https://evilcorp.com/webservices is setup to require client authentication.

How can I specify this path in openssl. So basically this works:

openssl s_client -connect evilcorp.com:443 

But this does not work and gives me gethostbyname failure

openssl s_client -connect evilcorp.com/webservices:443 

How can I get this to work (if possible)

Answer

JakeJ picture JakeJ · Dec 8, 2017

You have a very simple error in the address. Here's the fix:

"openssl s_client -connect evilcorp.com:443/webservice"

You had the 443 at the end - it needs to go directly after to the domain name.