![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
gdt$ wget --output-document=/dev/null --server-response --max-redirect=0 --header 'Host:www.example.com' http://192.0.2.1/ --2017-08-28 11:50:11-- http://192.0.2.1/ Connecting to 192.0.2.1:80... connected. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Content-Length: 0 Location: https://www.example.com/ Date: Mon, 28 Aug 2017 02:20:11 GMT Connection: keep-alive X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains X-XSS-Protection: 1; mode=block Location: https://www.example.com/ [following] 0 redirections exceeded.
Now let's pull the redirected URL, but from the IP address we want to use rather than letting the resolver choose:
$ wget --output-document=/dev/null --server-response --max-redirect=0 --header 'Host:www.example.com' --no-check-certificate https://192.0.2.1/
--2017-08-28 11:53:50-- https://192.0.2.1/
Connecting to 192.0.2.1:443... connected.
The certificate's owner does not match hostname ‘192.0.2.1’
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
Content-Length: 248263
Cache-Control: private, no-cache
Expires: Mon, 28 Aug 2017 02:23:50 GMT
Date: Mon, 28 Aug 2017 02:23:50 GMT
Connection: keep-alive
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Length: 248263 (242K) [text/html]
Saving to: ‘/dev/null’
/dev/null 100%[===================>] 242.44K --.-KB/s in 0.03s
2017-08-28 11:53:50 (7.77 MB/s) - ‘/dev/null’ saved [248263/248263]
A similar thing can be done with OpenSSL's client:
$ openssl s_client -connect 192.0.2.1:443 -tls1_2