DEV Community

Puru
Puru

Posted on

Testing SSL/TLS handshake latency using ssl-handshake

A command-line tool for testing SSL/TLS handshake latency, written in Go.

Features

  • TCP handshake latency
  • SSL/TLS handshake latency
  • TLS version used during the handshake
  • Display handshake statistics
  • Configurable endpoint port, handshake interval, timeout and count

ssl handshake in action

What is an SSL/TLS Handshake?

An SSL/TLS handshake is the process that kicks off a communication session between client and server that uses TLS encryption. During a TLS handshake, the two communicating sides exchange messages to acknowledge each other, verify each other, establish the encryption algorithms they will use, and agree on session keys. TLS handshakes are a foundational part of how HTTPS works and it is defined in RFC 8446 (for TLS 1.3) or in RFC 5246 (for TLS 1.2).

TLS handshakes occur after a TCP connection has been opened via a TCP handshake.

image

TLS handshake packets captured with Wireshark.

image

Docker Image

Docker image is publicly available at DockerHub:

Run ssl-handshake as Docker container:

docker run --rm ptuladhar/ssl-handshake -c 5 tuladhar.github.io:443
Enter fullscreen mode Exit fullscreen mode

You can also alias ssl-handshake, for ease of use:

alias ssl-handshake="docker run --rm ptuladhar/ssl-handshake"
ssl-handshake tuladhar.github.com:443
Enter fullscreen mode Exit fullscreen mode

Install binary

Binary is available for Linux, Windows and Mac OS (amd64 and arm64). Download the binary for your respective platform from the releases page.

Linux:

curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-linux-amd64.tar.gz
Enter fullscreen mode Exit fullscreen mode
tar zxf ssl-handshake-v1.6.0-linux-amd64.tar.gz
Enter fullscreen mode Exit fullscreen mode
sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake
Enter fullscreen mode Exit fullscreen mode

macOS (Intel):

curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-darwin-amd64.tar.gz
Enter fullscreen mode Exit fullscreen mode
tar zxf ssl-handshake-v1.6.0-darwin-amd64.tar.gz
Enter fullscreen mode Exit fullscreen mode
sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake
Enter fullscreen mode Exit fullscreen mode

macOS (Apple Silicon):

curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-darwin-arm64.tar.gz
Enter fullscreen mode Exit fullscreen mode
tar zxf ssl-handshake-v1.6.0-darwin-arm64.tar.gz
Enter fullscreen mode Exit fullscreen mode
sudo install -m 0755 ssl-handshake /usr/local/bin/ssl-handshake
Enter fullscreen mode Exit fullscreen mode

Windows:

curl -sSLO https://github.com/tuladhar/ssl-handshake/releases/download/v1.6.0/ssl-handshake-v1.6.0-windows-amd64.zip
Enter fullscreen mode Exit fullscreen mode
unzip ssl-handshake-v1.6.0-windows-amd64.zip
Enter fullscreen mode Exit fullscreen mode

Development

If you wish to contribute or compile from source code, you'll first need Go installed on your machine. Go version 1.17+ is required. Currently, there are no dependencies on third-party modules.

git clone https://github.com/tuladhar/ssl-handshake
cd ssl-handshake 
go build
Enter fullscreen mode Exit fullscreen mode

Contributors

Top comments (0)