@4ndrej
Last active January 3, 2024 09:50
Test of java SSL / keystore / cert setup. Check the comment #1 for howto.
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

/** Establish a SSL connection to a host and port, writes a byte and
 * prints the response. See
 * http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services
 */
public class SSLPoke {
    public static void main(String[] args) {
        if (args.length != 2) {
            System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>");
            System.exit(1);
        }
        try {
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1]));
            SSLParameters sslparams = new SSLParameters();
            sslparams.setEndpointIdentificationAlgorithm("HTTPS");
            sslsocket.setSSLParameters(sslparams);
            InputStream in = sslsocket.getInputStream();
            OutputStream out = sslsocket.getOutputStream();
            // Write a test byte to get a reaction :)
            out.write(1);
            while (in.available() > 0) {
                System.out.print(in.read());
            }
            System.out.println("Successfully connected");
        } catch (Exception exception) {
            exception.printStackTrace();
            System.exit(1);
        }
    }
}

bric3 commented Oct 5, 2021

@traderhut Also if your Java version is at least JDK 11 you can run the file without compiling it. Just copy the content and paste it into a file named SSLPoke.java — the .java extension is important — then run it

$ java -version
openjdk version "11.0.12" 2021-07-20 LTS
OpenJDK Runtime Environment Corretto-11.0.12.7.2 (build 11.0.12+7-LTS)
OpenJDK 64-Bit Server VM Corretto-11.0.12.7.2 (build 11.0.12+7-LTS, mixed mode)

$ java SSLPoke.java google.com 443
Successfully connected

The error you encounter is probably because you run the following command java sslpoke {site} {port}. Without the .java extension the command assumes it is a compiled class. Look at the help.

$ java --help
Usage: java [options] <mainclass> [args...]
           (to execute a class)
   or  java [options] -jar <jarfile> [args...]
           (to execute a jar file)
   or  java [options] -m <module>[/<mainclass>] [args...]
       java [options] --module <module>[/<mainclass>] [args...]
           (to execute the main class in a module)
   or  java [options] <sourcefile> [args]
           (to execute a single source-file program)

...

@traderhut

Been a while since I looked at Java, like about a year after it came out... Thanks for the assistance, turns out I solved the problem without using this tool


TiloGit commented Feb 11, 2022

fyi, I use this with this CLI:

java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks SSLPoke myserver.local 443

#or with debug and force certain protocol
java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks -Djavax.net.debug=ssl:handshake:verbose -Djdk.tls.client.protocols=TLSv1 -Dhttps.protocols=TLSv1  SSLPoke myserver.local 443


ghost commented Oct 8, 2022

java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks SSLPoke

Very cool. Exactly what I was looking for. Thanks!
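
Added example (not part of the gist or of any comment in this thread): a variant of SSLPoke that forces the handshake and prints the negotiated protocol, cipher suite and peer certificate chain, so a successful run also shows which chain the configured trust store accepted. The class name SSLPokeInfo is hypothetical; it takes the same -Djavax.net.ssl.trustStore options shown in the comments above.

```java
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/** Added example (hypothetical class name): handshake diagnostics for the JVM's trust store. */
public class SSLPokeInfo {
    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("Usage: java SSLPokeInfo.java <host> <port>");
            System.exit(2);
        }
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(args[0], Integer.parseInt(args[1]))) {
            // Start from the socket's current parameters so defaults are preserved,
            // then require the certificate to match the host name.
            SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);
            socket.setSoTimeout(10_000); // do not hang forever on a silent peer

            // Force the handshake now so trust failures surface here, not on first I/O.
            socket.startHandshake();

            SSLSession session = socket.getSession();
            System.out.println("Protocol:     " + session.getProtocol());
            System.out.println("Cipher suite: " + session.getCipherSuite());
            Certificate[] chain = session.getPeerCertificates();
            for (int i = 0; i < chain.length; i++) {
                if (chain[i] instanceof X509Certificate) {
                    X509Certificate cert = (X509Certificate) chain[i];
                    System.out.println("[" + i + "] subject: " + cert.getSubjectX500Principal());
                    System.out.println("    issuer:  " + cert.getIssuerX500Principal());
                    System.out.println("    expires: " + cert.getNotAfter());
                }
            }
            System.out.println("Successfully connected");
        } catch (SSLHandshakeException e) {
            // Untrusted chain, host name mismatch, or no shared protocol/cipher suite.
            System.err.println("Handshake failed: " + e.getMessage());
            System.exit(1);
        }
    }
}
```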
