DEV Community

Puru
Puru

Posted on

Testing SSL/TLS handshake latency using ssl-handshake

A command-line tool for testing SSL/TLS handshake latency, written in Go.

Features

  • TCP handshake latency
  • SSL/TLS handshake latency
  • TLS version used during the handshake
  • Display handshake statistics
  • Configurable endpoint port, handshake interval, timeout and count

ssl handshake in action

What is an SSL/TLS Handshake?

An SSL/TLS handshake is the process that kicks off a communication session between client and server that uses TLS encryption. During a TLS handshake, the two communicating sides exchange messages to acknowledge each other, verify each other, establish the encryption algorithms they will use, and agree on session keys. TLS handshakes are a foundational part of how HTTPS works and it is defined in RFC 8446 (for TLS 1.3) or in RFC 5246 (for TLS 1.2).

TLS handshakes occur after a TCP connection has been opened via a TCP handshake.

image

TLS handshake packets captured with Wireshark.

image

Docker Image

Docker image is publicly available at DockerHub:

Run ssl-handshake as Docker container:



docker run --rm ptuladhar/ssl-handshake -c 5 tuladhar.github.io:443


Enter fullscreen mode Exit fullscreen mode

You can also alias ssl-handshake, for ease of use:



alias ssl-handshake="docker run --rm ptuladhar/ssl-handshake"
ssl-handshake tuladhar.github.com:443


Enter fullscreen mode Exit fullscreen mode

Install binary

Binary is available for Linux, Windows and Mac OS (amd64 and arm64). Download the binary for your respective platform from the releases page.

Linux:



curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-linux-amd64.tar.gz


Enter fullscreen mode Exit fullscreen mode


tar zxf ssl-handshake-v1.6.0-linux-amd64.tar.gz


Enter fullscreen mode Exit fullscreen mode


sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake


Enter fullscreen mode Exit fullscreen mode

macOS (Intel):



curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-darwin-amd64.tar.gz


Enter fullscreen mode Exit fullscreen mode


tar zxf ssl-handshake-v1.6.0-darwin-amd64.tar.gz


Enter fullscreen mode Exit fullscreen mode


sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake


Enter fullscreen mode Exit fullscreen mode

macOS (Apple Silicon):



curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-darwin-arm64.tar.gz


Enter fullscreen mode Exit fullscreen mode


tar zxf ssl-handshake-v1.6.0-darwin-arm64.tar.gz


Enter fullscreen mode Exit fullscreen mode


sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake


Enter fullscreen mode Exit fullscreen mode

Windows:



unzip ssl-handshake-v1.6.0-windows-amd64.zip

Enter fullscreen mode Exit fullscreen mode




Development

If you wish to contribute or compile from source code, you'll first need Go installed on your machine. Go version 1.17+ is required. Currently, there are no dependencies on third-party modules.



git clone https://github.com/tuladhar/ssl-handshake
cd ssl-handshake
go build

Enter fullscreen mode Exit fullscreen mode




Contributors

Top comments (0)