The command below makes life even easier as it will automatically delete everything except the PEM certificate. If you have generated Private Key: s_client can be used to debug SSL servers. s_client can be used to debug SSL servers. HTTP/1.0 400 Bad Request Content-Length: 0 The -ign_eof keeps the connection open to … If you wish to use existing pkcs12 format with Apache or just in pem format, this will be useful. These commands allow you to convert certificates and keys to different formats to make them compatible with specific types of servers or software. openssl s_client \ -connect smtp.gmail.com:587 \ -starttls smtp For this, after connect I submit necessary commands with username and password in base64: EHLO smtp.gmail.com AUTH LOGIN MAIL FROM: RCPT TO: <*****@gmail.com> DATA Subject: Sending an email using telnet Hello, This is an email sent by using the telnet command. openssl s_client -connect linuxadminonline.com:443 -tls1_2 In OpenSSL 1.0.2 and newer, when you connect to a server, the s_client command prints the strength of the ephemeral Diffie-Hellman key if one is used. Among the many commands that OpenSSL offers, for testing secure connections we will use the openssl s_client command. You can echo it in. As an example we will use www.sslshopper.com, test.rebex.net and gmail.com. If the connection succeeds then an HTTP command can be given such as "GET /" to retrieve a web page. To connect to an SSL HTTP server the command: openssl s_client -connect servername:443 would typically be used (https uses port 443). To connect to an SSL HTTP server the command: openssl s_client -connect servername:443 would typically be used (https uses port 443). Convert PKCS12 format to PEM certificate openssl pkcs12 –in cert.p12 –out cert.pem. openssl s_client -connect www.somesite.com:443 > cert.pem Now edit the cert.pem file and delete everything except the PEM certificate. Below, I used a GET withHTTP/1.0 and tweeter rudely refused my request:. That’s why we’ve come up with the most commonly used OpenSSL commands along with their applications. openssl s_client -connect linuxadminonline.com:443 -showcerts. Below example shows on how to connect domain using TLS 1.2 protocol. openssl s_client -connect www.paypal.com:443; Converting Using OpenSSL. Here is a list of the most common s_client command’s variations: To test http SSL connection type: openssl s_client -connect www.sslshopper.com:443 -CApath /etc/ssl/certs/ Verification could be done using s_client command in openssl. The above command will help you to see the contents of the PKCS12 file. The basic command outline is as follows: [root@host ~]# openssl s_client -connect : In order to test a connection, we are going to need a domain name and a port. Thus, to determine the strength of some server’s DH parameters, all you need to do is connect to it while offering only suites that use the DH key exchange. Have a look: OpenSSL Command to Generate Private Key openssl genrsa -out yourdomain.key 2048 OpenSSL Command to Check your Private Key openssl rsa -in privateKey.key -check OpenSSL Command to Generate CSR. To connect to an SSL HTTP server the command: openssl s_client -connect servername:443 would typically be used (https uses port 443). Connect SSL using TLS 1.2 only While using openssl command one can mention the specific protocol using which you can connect to the domain over SSL. If the connection succeeds then an HTTP command can be given such as ``GET /'' to retrieve a web page. If the connection succeeds then an HTTP command can be given such as GET / to retrieve a web page. Does anyone know how to use s_client of openssl to send a short string to the server?