Check if a server has strictsni enabled

Bash Public

Snippet

 
curl -v -k https://1.2.3.4

Description
  1. Find the ip of the server 
    nslookup my.domain.tld
  2. Use that ip in the following command 
    curl -v -k https://1.2.3.4
  3. If it returns an ssl cert (valid or not) then strict sni is NOT enabled, it should return something like this if its enabled correctly: 
    ❯ curl -v -k https://1.2.3.4
*   Trying 1.2.3.4:443...
* Connected to 1.2.3.4 (1.2.3.4) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* LibreSSL/3.3.6: error:1404B458:SSL routines:ST_CONNECT:tlsv1 unrecognized name
* Closing connection
curl: (35) LibreSSL/3.3.6: error:1404B458:SSL routines:ST_CONNECT:tlsv1 unrecognized name
By xtream1101 Updated 2 months ago