Curl's --connect-to

May 30, 2020

For a long time I’ve used a command like

1
curl -kH 'Host: testingappnodea.internal' app.testing.example.com

to curl a specific host behind a load balancer.

Today I’ve learned about curl’s --connect-to option.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
--connect-to <HOST1:PORT1:HOST2:PORT2>
    For  a  request  to the given HOST:PORT pair, connect to CONNECT-TO-HOST:CONNECT-TO-PORT instead.  This option is suitable to direct requests at a spe-
    cific server, e.g. at a specific cluster node in a cluster of servers.  This option is only used to establish  the  network  connection.  It  does  NOT
    affect  the hostname/port that is used for TLS/SSL (e.g. SNI, certificate verification) or for the application protocols.  "host" and "port" may be the
    empty string, meaning "any host/port".  "connect-to-host" and "connect-to-port" may also be the empty  string,  meaning  "use  the  request's  original
    host/port".

    This option can be used many times to add many connect rules.

    See also --resolve and -H, --header. Added in 7.49.0.

Now I use more explicit and straight-forward

1
curl -k --connect-to testingappnodea.internal:443 app.testing.example.com