tcpbin.com - A TCP echo server with TLS and mTLS
tcpbin.com is a TCP echo server service developed for demo and integration test purposes.The examples below are for shell based access but you can achieve the same from programming language of your choice.
Features
- TCP echo server (port 4242)
- TCP echo server with TLS support (port 4243)
- TCP echo server with client authentication or mTLS (port 4244)
How to use?
Here are some simple examples to test use the endpoints:
TCP echo
$ nc tcpbin.com 4242
Hello server!
Hello server!
TCP echo with TLS encryption
$ openssl s_client -crlf -connect tcpbin.com:4243 -quiet
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = tcpbin.com
verify return:1
An encrypted hello!
An encrypted hello!
TCP echo with mutual authentication
Please see below on how to get your certificate and private key.
$ openssl s_client -connect tcpbin.com:4244 -cert client_cert -key client_key -quiet
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = tcpbin.com
verify return:1
An encrypted and authenticated hello!
An encrypted and authenticated hello!
Getting client certificate and key for mTLS
To authenticate on port 4244, you will need a valid client certificate and key. Please note that the CA used for this purpose is an open CA, meaning it should not be trusted for anything other than this service. There are two ways to generate the client certificate:
-
API:
curl -s https://tcpbin.com/api/client-cert > pair.json
cat pair.json | jq ".key" -r > client_key
cat pair.json | jq ".cert" -r > client_cert
This endpoint generates a client certificate and key for you. - Generate yourself:
Use the CA private key and certificate and create client certificates yourself!