How can I check if a server has ssl enable or not

Question

Does anyone of you know, if and if so, how can I check, with my application code, if a server has ssl enabled or not?

Answer 1

"It's easier to ask forgiveness than permission"

For example, to read stackoverflow.com via SSL, don't ask whether stackoverflow.com supports it, just do it. In Python:

>>> import urllib2
>>> urllib2.urlopen('https://stackoverflow.com')
Traceback (most recent call last):
...
urllib2.URLError: <urlopen error (10060, 'Operation timed out')>
>>> html = urllib2.urlopen('http://stackoverflow.com').read()
>>> len(html)
146271
>>> 

It shows that stackoverflow.com doesn't support SSL (2008).

---

Update: stackoverflow.com supports https now.

Answer 2

You don't specify a programming language, but you could do this from the command-line.

bash-3.2$ echo ^D | telnet www.google.com https
Trying 66.102.11.104...
Connected to www.l.google.com.
Escape character is '^]'.
Connection closed by foreign host.
bash-3.2$ echo ^D | telnet www.stackoverflow.com https
Trying 69.59.196.211...
telnet: connect to address 69.59.196.211: Connection refused
telnet: Unable to connect to remote host

There you go... Google does, StackOverflow does not.

Answer 3

11 Years later...

I ended up here, because I had the same question (within terminal).

I suppose the easiest solution would be to use s_client of openssl:

openssl s_client -quiet -connect google.com:443

if this returns an exit status of 0 (check using echo "$?"), the host supports SSL/TLS on given port (here 443).

Answer 4

This is a C# unit test to perform the detection without having to be on the right HTTPContext:

    [TestMethod]
    public void DetectSslSupport()
    {
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://www.someinsecuresite.com");
        try
        {
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            {
                //some sites like stackoverflow will perform a service side redirect to the http site before the browser/request can throw an errror.
                Assert.IsTrue(response.ResponseUri.Scheme == "https");
            }
        }
        catch (WebException)//"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."}
        {
            Assert.IsTrue(false);
        }
    }

Answer 5

not sure on your language of preference but here it is in c#

public bool IsSecureConnection()
{
    return HttpContext.Current.Request.IsSecureConnection || 
           HttpContext.Current.Request.Headers["HTTP_X_SSL_REQUEST"].Equals("1");
}

Please note this header is custom, but I think you get the idea. I've seen folk simply query request for "https" and besides looking dirty it's probably reasonably acceptable, depends on your security model.

Or are you asking whether it's simply available at all?

I