原先是想要做 curl -I https://IP 檢驗時,在想怎樣處理憑證檢驗,像是多塞 "Host: test.com" 是不是有用,最後查了一下,要反過來想,可以多增加 --resolve 參數去指定,如此就可以測試指定的機器了
% man curl...--resolve <[+]host:port:addr[,addr]...>Provide a custom address for a specific host and port pair. Using this, you can make the curl requests(s) use a specifiedaddress and prevent the otherwise normally resolved address to be used. Consider it a sort of /etc/hosts alternativeprovided on the command line. The port number should be the number used for the specific protocol the host will be used for.It means you need several entries if you want to provide address for the same host but different ports.By specifying '*' as host you can tell curl to resolve any host and specific port pair to the specified address. Wildcard isresolved last so any --resolve with a specific host and port will be used first.The provided address set by this option will be used even if --ipv4 or --ipv6 is set to make curl use another IP version.By prefixing the host with a '+' you can make the entry time out after curl's default timeout (1 minute). Note that thiswill only make sense for long running parallel transfers with a lot of files. In such cases, if this option is used curlwill try to resolve the host as it normally would once the timeout has expired.Support for providing the IP address within [brackets] was added in 7.57.0.Support for providing multiple IP addresses per entry was added in 7.59.0.Support for resolving with wildcard was added in 7.64.0.Support for the '+' prefix was was added in 7.75.0.This option can be used many times to add many host names to resolve.Example:curl --resolve example.com:443:127.0.0.1 https://example.comSee also --connect-to and --alt-svc.
這用法可以用在 load balancer 或 GeoDNS 後面的機器群測試,也能拿來測試某機器的 SSL 憑證是否設定正常。
沒有留言:
張貼留言