Exploring SSL Port with Examples

Updated: Sep 4

A port is a virtual numbered address that’s used as a communication endpoint by transport layer protocols like UDP (user diagram protocol) or TCP (transmission control protocol). Network ports direct traffic to the right places — i.e., they help the devices involved identify which service is being requested.




For instance, the port that’s responsible for handling all unencrypted HTTP web traffic is port 80. When we use a TLS certificate, the communication channel between the browser and the server gets encrypted to protect all sensitive data exchanges.


All such secure transfers are done using port 443, the standard port for HTTPS traffic.



How Does HTTPS And SSL Work?

HTTP is a not a separate protocol as that of HTTPS. The fact is that HTTPS works by creating a secure HTTP connection with the use of SSL. Therefore, the protocol stacks for HTTP and HTTPS look alike.


A major difference between HTTP and HTTPS is that HTTPS runs on SSL. In order to establish a secure internet connection, it is important to install an SSL certificate on the web server. The SSL certificate validates the organization’s identity for activating the HTTPS protocol. As a result of this, data is safely passed between the web server and the web browser.




Is the SSL Port 443?

No. SSL runs on the Security Layer. Any application can use SSL certificate to be secure. Port 443 is the default port for HTTPS. We can also use SSL in other applications like email, DNS, database, etc.


Depending on the type of connection and what encryption is supported, different SSL port numbers might be needed.




Distinguishing Between Certificates And application Protocols

The 'application protocol’ and the ‘SSL certificate’ are two distinct but vital factors for establishing a secure internet connection.


The application protocol like https provides a gateway through which the data is encrypted and transmitted safely.


An SSL certificate is simply used for authenticating important information when a user tries to send information through a secure connection.

This goes on to say that a secure connection is established and determined by the configuration of our server and not just by the certificate.




What is The Importance of SSL Port?

It is necessary to configure a SSL certificate form a range of SSL Certificates on our server to get a message “connection is secure” (HTTPS) in the URL address bar. This is the permission of secure connection between a client and server.


In this digital world where the users and online businesses are increasing day by day, the number of hackers are also trying to get our confidential information for misuse. So, it is a vital for any secure website to install a SSL encryption to protect our useful information from malicious attacks.




How to check the connection is secure with openssl command

In the command line, enter openssl s_client -connect <hostname>:<port>.


This opens an SSL connection to the specified hostname and port and prints the SSL certificate.


Check the availability of the domain from the connection results.


openssl s_client -connect <YourDomain>.com:port -showcerts  

Prints all certificates in the certificate chain presented by the SSL service. Useful when troubleshooting missing intermediate CA certificate issues.



Example of SSL Port

This is the secure email server for Gmail.


openssl s_client  -connect pop.gmail.com:995
t# openssl s_client  -connect pop.gmail.com:995
CONNECTED(00000005)
depth=3 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = pop.gmail.com
verify return:1
---


This is the secure DNS server for cloudflare-dns.com


openssl s_client  -connect 1.1.1.1:853
# openssl s_client  -connect 1.1.1.1:853
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS Hybrid ECC SHA384 2020 CA1
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare-dns.com
verify return:1


Related:


18 views
屏幕快照 2021-08-08 下午5.16.32.png