Using cURL to troubleshoot TLS and SSL

glitchlist Blog Leave a Comment

curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP,
HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is
designed to work without user interaction.
curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer resume, Metalink, and more. As you will see below, the number of features will make your head spin!

man curl – http://curl.haxx.se/docs/manpage.html

Among the many functions available, curl can also be used to troubleshoot SSL / TLS protocols and related cipher suites.

# Check Certificate
curl -vvI https://glitchlistdotcom.wpcomstaging.com

# Test WS in ssl v.3
curl https://glitchlistdotcom.wpcomstaging.com -k -v --location-trusted --sslv3

# Test WS in ssl v.1.2 and 3DES as encryption alg.
curl https://glitchlistdotcom.wpcomstaging.com -k -v --location-trusted --tlsv1.2 --ciphers 3DES

# Test WS in sll v.1.2 with AECDH-AES256-SHA cipher suite
curl https://glitchlistdotcom.wpcomstaging.com -k -v --location-trusted --tlsv1.2 --ciphers AECDH-AES256-SHA

good luck!

.glitchlist crew

Leave a Reply

Your email address will not be published. Required fields are marked *