Solaris snoop on SSL headers

Question

Is there a way to snoop (on Solaris) SSL headers ( I don't actually need to capture SSL data ) so that I can ensure SSL is not blocked by any firewalls before entering my server.

score 1 · Answer 1 · answered Sep 22 '14 at 09:48

In real-time? If not, then you could just use tcpdump to a file and then copy the resulting file locally where you can view it with something like Wireshark.

Or you could just use tcpdump -X ... or tcpdump -A ... to see the actual live packets (it won't decode the SSL header fields.

There is also a command-line tool called ssldump which can capture the headers (and more, if you supply it the keying material, but that seems out of scope for what you require).

score 1 · Answer 2 · edited Nov 21 '14 at 15:56

1

Just use openssl:

openssl s_client -host yourhost -port yourport

for example

openssl s_client -host webserver -port 443

This requires no changes on the server you are trying to connect to.

edited Nov 21 '14 at 15:56

Felix Frank

3,123

answered Nov 21 '14 at 12:57

tzctserv

11

Solaris snoop on SSL headers

2 Answers2