HTTP using netcat

(redirected from Openssl.Cert)

nc(1), netcat, is the swiss-army knife of networking. It can be a valuable tool to help diagnose networking errors in your web server.

$ print "GET /index.html HTTP/1.1\r\nHostname: example.com\r\n\r\n" | nc example.com 80

You may get a few possible responses:

200 Response

A 200 response indicates that the request has succeeded and the web page is being served.

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 14
Content-Type: text/html
Date: Wed, 13 Nov 2024 02:21:41 GMT
Last-Modified: Tue, 12 Nov 2024 06:15:19 GMT
Server: OpenBSD httpd

302 Response

A 302 response indicates that the web page has been moved. This will occur if openhttpd is set to redirect to port 443:

HTTP/1.0 302 Found
Date: Tue, 23 Feb 2024 14:01:28 GMT
OpenBSD httpd
Connection: close
Content-Type: text/html
Content-Length: 486
Location: https://www.example.com/index.html
...

This response normally tells your web browser to automatically redirect to the new location, in this case, https://www.example.com/index.html (which uses TLS).

404 Response

HTTP/1.0 404 Not Found
Date: Wed, 13 Nov 2024 02:24:22 GMT
Server: OpenBSD httpd
Connection: close
Content-Type: text/html
Content-Length: 494

This means the page cannot be found. Double check to see if the document is in the correct path in /var/www/.

500 Response

HTTP/1.0 500 Internal Server Error
Date: Wed, 13 Nov 2024 02:53:59 GMT
Server: OpenBSD httpd
Connection: close
Content-Type: text/html
Content-Length: 518

This error indicates there is a problem with the web server. This can sometimes be triggered by a CGI error, if the script cannot be run properly due to misconfiguration, security restrictions, or improper file permissions. You may want to check errors logs such as in /var/www/logs/ or your scripting language's logs for further hints.

Save public certificate

To save the TLS public key in PEM format:

$ nc -c -Z certfile example.com 443

Replace example.com.