Sun Java System Web Server 7.0 Troubleshooting Guide

Issuing Test Request to an SSL Server

While diagnosing problems between Web Server 7.0 and web browsers, it is useful to analyze the requests and responses. When SSL/TLS is not used, for capturing requests and responses between web browser and the server you can use any network capture tool such as ethereal.

But when SSL/TLS is used for communication, you can use the OpensSSL's s_client application for tapping the communication.

Execute the following command (after successful SSL connection) and enter the test HTTP request as desired.


$openssl s_client -host localhost -port 8080 -quiet

By using the same command without the -quiet flag, you can see information about the connection, such as the server DN, Certificate name and negotiated cipher suite.

For testing particular cipher suites, check the -cipher option. For example:


$openssl s_client -host localhost -port 8080  -cipher DES-CBC-SHA

For more information, see the s_client man page at http://www.openssl.org/docs/apps/s_client.html.