We need to understand TLS first, TLS (Transport Layer Security) is a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS weaknesses

The weakness primarily stem from using deprecated protocols (TLS 1.0/1.1), weak cipher suites (e.g., 3DES, RC4), and misconfigured certificates, enabling man-in-the-middle (MITM) attacks and data decryption

So….the Solution

First things first, we get the IP address of the website using dig, host etc.

None

Then we try to curl the website curl http://51.158.147.132.

This will not work as the certificate does not match the IP address,

None
curl command

so we need to tell curl that we have to do it insecurely, therefore we add — — insecure to the command,

None
curl command with the insecure and verbose option

we can also do it in verbose mode to see more details on what goes on. We add -v, you can tinker with more commands to get more details on the application information