[openssl-users] How to use a specific ip interface while testing TLS/SSL connectivity.

Rajinder Pal Singh rajin6594 at gmail.com
Sat Feb 9 23:38:59 UTC 2019


Thanks Mark. Will definitely try this. Appreciate your help. Will keep you
losted.

Regards.

On Sat, Feb 9, 2019, 8:45 AM openssl at foocrypt.net <openssl at foocrypt.net
wrote:

> HI Rajinder
>
> Perhaps a tunnel may help ?
>
> Have a look at man -s ssh, check out binding to interfaces and setting up
> a tunnel from one Nic through to your endpoint.
>
> Have a look at nectar or nc as its called these days for listening on the
> endpoint of the tunnel as your basic http 1.1 server, and redirect the
> output to a file to see what it is receiving.
>
>
> https://unix.stackexchange.com/questions/32182/simple-command-line-http-server may
> help
>
> You could write a quick shell script in KORN and open up a TCP socket
> connection to your web server and just feed it the raw SSL/TLS packets
> captured from the hand shake from another session captured with tcpdump,
> snoop, etc.
>
> Regards,
>
> Mark A. Lane
>
>
> On 9 Feb 2019, at 07:53, Rajinder Pal Singh <rajin6594 at gmail.com> wrote:
>
> Thanks Mark for the prompt reply. Absolutely makes sense. Actually, i am
> on Nonstop HPE servers. There are no internal routing tables or so to say
> static routes. Environment is different from unix/linux.
>
> From Application perspective, we choose what ip interface to use.
>
> Wondering if we can force the openssl to use specific interface?
>
> Regards.
>
>
>
> On Fri, Feb 8, 2019, 12:26 PM mark at foocrypt.net <mark at foocrypt.net wrote:
>
>> Hi Rajinder
>>
>> There shouldn’t be any issues depending on how your host OS is performing
>> the routing to the network the SSL/TLS endpoint is on.
>>
>> Try a tracerout to the IP to see where it goes, and a telnet IP 80 or 443
>> to make sure you can connect to the web server.
>>
>>>>
>> Regards,
>>
>> Mark A. Lane
>>
>>
>>
>>
>> On 9 Feb 2019, at 04:20, Rajinder Pal Singh <rajin6594 at gmail.com> wrote:
>>
>> Hi,
>>
>> I want to use a specific ip interface (out of several available ethernet
>> interfaces available on my server) to test TLS/SSL connectivity to a remote
>> server.
>>
>>
>> Wondering if its possible?
>>
>>
>> Regards,
>> Rajinder.
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>>
>> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190209/8ca3d560/attachment.html>


More information about the openssl-users mailing list