Test of java SSL / keystore / cert setup. Check the commet #1 for howto.

SSLPoke.java

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

/** Establish a SSL connection to a host and port, writes a byte and
 * prints the response. See
 * http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services
 */
public class SSLPoke {
    public static void main(String[] args) {
        if (args.length != 2) {
            System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>");
            System.exit(1);
        }
        try {
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1]));

            InputStream in = sslsocket.getInputStream();
            OutputStream out = sslsocket.getOutputStream();

            // Write a test byte to get a reaction :)
            out.write(1);

            while (in.available() > 0) {
                System.out.print(in.read());
            }
            System.out.println("Successfully connected");

        } catch (Exception exception) {
            exception.printStackTrace();
        }
    }
}

Test of java SSL / keystore / cert setup. Came from https://confluence.atlassian.com/download/attachments/117455/SSLPoke.java

Usage:

1. extract cert from server:
   openssl s_client -connect server:443

2. negative test cert / keytool:
   java SSLPoke server 443
   you should get something like
   javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

3. import cert into default keytool:
   keytool -import -alias alias.server.com -keystore $JAVA_HOME/jre/lib/security/cacerts

4. positive test cert / keytool:
   java SSLPoke server 443
   you should get this:
   Successfully connected

Thanks! Helped us to debug a cert issue.

Doesn't seems work as I thought it should work. it doesn't check if the server certificate is matching with the parameter.

example:

java SSLPoke ip.address.of.sslserver 443
Successfully connected

So it doesn't really check the certificate?

@jackchen858 +1 It does not

It did not work for me.

I always get Successfully connected msg

Make sure you run this with the right java in case you have multiple installations

Works brilliantly. Thanks

Thanks a lot. Followed your instructions. Fix worked perfectly.