import javax.net.ssl.SSLSocket; | |
import javax.net.ssl.SSLSocketFactory; | |
import java.io.*; | |
/** Establish a SSL connection to a host and port, writes a byte and | |
* prints the response. See | |
* http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services | |
*/ | |
public class SSLPoke { | |
public static void main(String[] args) { | |
if (args.length != 2) { | |
System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>"); | |
System.exit(1); | |
} | |
try { | |
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); | |
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1])); | |
InputStream in = sslsocket.getInputStream(); | |
OutputStream out = sslsocket.getOutputStream(); | |
// Write a test byte to get a reaction :) | |
out.write(1); | |
while (in.available() > 0) { | |
System.out.print(in.read()); | |
} | |
System.out.println("Successfully connected"); | |
} catch (Exception exception) { | |
exception.printStackTrace(); | |
} | |
} | |
} |
This comment has been minimized.
This comment has been minimized.
jdros
commented
May 21, 2015
Thanks! Helped us to debug a cert issue. |
This comment has been minimized.
This comment has been minimized.
jackchen858
commented
Jul 23, 2015
Doesn't seems work as I thought it should work. it doesn't check if the server certificate is matching with the parameter. example: java SSLPoke ip.address.of.sslserver 443 So it doesn't really check the certificate? |
This comment has been minimized.
This comment has been minimized.
bekce
commented
Nov 5, 2015
@jackchen858 +1 It does not |
This comment has been minimized.
This comment has been minimized.
wesleyforti
commented
Dec 3, 2015
It did not work for me. I always get Successfully connected msg |
This comment has been minimized.
This comment has been minimized.
janeklb
commented
Jan 12, 2016
Make sure you run this with the right |
This comment has been minimized.
This comment has been minimized.
mohannmurthy
commented
May 3, 2016
Works brilliantly. Thanks |
This comment has been minimized.
This comment has been minimized.
smeduru
commented
May 11, 2016
Thanks a lot. Followed your instructions. Fix worked perfectly. |
This comment has been minimized.
This comment has been minimized.
dadez
commented
Nov 29, 2016
How to use it behind a proxy ? |
This comment has been minimized.
This comment has been minimized.
joerg
commented
Jan 19, 2017
For those not living in the Java World here is how I compiled and used this:
|
This comment has been minimized.
This comment has been minimized.
Tzaphkiel
commented
Feb 13, 2017
Very useful thanks. A note however, instead of updating the java JRE/JDK installation's keystore, best practices dictates that you should define your own truststore (if you have company CA or application certificates for example): # import certificate into your local TrustStore
keytool -import -trustcacerts -storepass changeit -file "./class 1 root ca.cer" -alias C1_ROOT_CA -keystore ./LocalTrustStore
# use it in JAVA:
java -Djavax.net.ssl.trustStore=./LocalTrustStore -jar SSLPoke.jar $HOST $PORT |
This comment has been minimized.
This comment has been minimized.
jmara
commented
Feb 27, 2017
Will the default trustStore be overwritten by |
This comment has been minimized.
This comment has been minimized.
gbenmansour
commented
Apr 4, 2017
•
Thanks for sharing. When I try the negative test , I have the exception :
Any idea why I have this ? Another thing can you tell me how I can generate a certificate file from a server ? |
This comment has been minimized.
This comment has been minimized.
kunickiaj
commented
Jun 29, 2017
@jmara |
This comment has been minimized.
This comment has been minimized.
msteinebach
commented
Aug 3, 2017
Works well! Thanks P.S. If you don't use the default keystore, you'll need to pass it and the password for the keystore into your command as arguments. |
This comment has been minimized.
This comment has been minimized.
dragon788
commented
Oct 21, 2017
Thanks guys, these steps helped me debug why a couple of Atlassian products couldn't talk to each other. I got it working for now, but in my "ideal" world since every release of an Atlassian product includes it's own JRE, I will automate the above steps into a script to inject the "peer" applications' (hosted on other servers) certificates into only the "vendored" JRE cacerts to allow them to trust each other and this way I'm not polluting the system but I can link all the applications to each other without a bunch of warnings and failures. |
This comment has been minimized.
This comment has been minimized.
jralmaraz
commented
Jan 9, 2018
Thanks guys, just a +1 that is helping me debug an SSL issue on Weblogic between AdminServer and NodeManager. Cheers! |
This comment has been minimized.
This comment has been minimized.
ReverseLogicSocial
commented
Mar 2, 2018
I am having trouble w.r.t local certificate. $java SSLPoke localwc.in 443 $ java SSLPoke localwc.in 8443 $ java -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 SSLPoke localwc.in 8443 $ java -Djavax.ssl.trustStore=~/Developer/apache-tomcat-8.0.26/ssl/cacerts SSLPoke localwc.in 8443 $ keytool -list -v -keystore ~/Developer/apache-tomcat-8.0.26/ssl/cacerts Alias name: localwc.in ..... I am accessing 8443 via tomcat. |
This comment has been minimized.
This comment has been minimized.
wtfiwtz
commented
Mar 9, 2018
http://portecle.sourceforge.net/ is also a very useful tool for loading and testing the Java Trust Store database |
This comment has been minimized.
This comment has been minimized.
TiloGit
commented
Sep 26, 2018
thanks for the tool here my example how I used it:
run like
run with keystore
Successfully connected |
This comment has been minimized.
This comment has been minimized.
simonredfern
commented
Oct 20, 2018
Hi and Thanks! What's the license of this gist? I noticed https://github.com/MichalHecko/SSLPoke which has Apache, but you are the author? |
This comment has been minimized.
This comment has been minimized.
@simonredfern: the code was shamelessly stolen from Atlassian support , there were no license in code or on the site, just code drop. |
This comment has been minimized.
4ndrej commentedJan 16, 2013
Test of java SSL / keystore / cert setup. Came from https://confluence.atlassian.com/download/attachments/117455/SSLPoke.java
Usage:
openssl s_client -connect server:443
java SSLPoke server 443
you should get something like
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
keytool -import -alias alias.server.com -keystore $JAVA_HOME/jre/lib/security/cacerts
java SSLPoke server 443
you should get this:
Successfully connected