$ openssl s_client -host www.citibank.com -port 443
CONNECTED(00000003)
depth=2 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=US/ST=New Jersey/L=Weehawken/O=Citigroup/OU=whg-oak10/OU=Terms of use at www.verisign.com/rpa (c)00/CN=www.citibank.com
   i:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
 1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
 2 s:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEajCCA9OgAwIBAgIQRHragloq8KhRRM6Uq05kHjANBgkqhkiG9w0BAQUFADCB
ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy
aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy
dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg
SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w
NjA5MTUwMDAwMDBaFw0wODA5MTQyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzETMBEG
A1UECBMKTmV3IEplcnNleTESMBAGA1UEBxQJV2VlaGF3a2VuMRIwEAYDVQQKFAlD
aXRpZ3JvdXAxEjAQBgNVBAsUCXdoZy1vYWsxMDEzMDEGA1UECxQqVGVybXMgb2Yg
dXNlIGF0IHd3dy52ZXJpc2lnbi5jb20vcnBhIChjKTAwMRkwFwYDVQQDFBB3d3cu
Y2l0aWJhbmsuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCi6yWHwQLX
FtDniRgfSLrc89KWA4R9kYP4/ETgh1X46ICC5K+lGrO3pHcgTWje/MXrTLyHg8kc
H961tX+p3J/yawLwB7knL9yk36UGI+1mf9KF6dXg+fqE3YabAmmb2L+UgUGw+jK0
C6Jay3tY851n8CE88U06Rj5l8aNEidwX2QIDAQABo4IBeTCCAXUwCQYDVR0TBAIw
ADALBgNVHQ8EBAMCBaAwRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL2NybC52ZXJp
c2lnbi5jb20vQ2xhc3MzSW50ZXJuYXRpb25hbFNlcnZlci5jcmwwRAYDVR0gBD0w
OzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJp
c2lnbi5jb20vcnBhMCgGA1UdJQQhMB8GCWCGSAGG+EIEAQYIKwYBBQUHAwEGCCsG
AQUFBwMCMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
dmVyaXNpZ24uY29tMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dp
ZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9s
b2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMA0GCSqGSIb3DQEBBQUAA4GBABOe
XaC4dGtEXon1Lz75k4VdW7+3cIXqiMi8N9uKYT89KX8R+sbB5CpkY8iYQciJpUb6
x7VG1/E41iRORVRTu/jpAGlls2oTogx6oLOFvar1E0KcLaOanz8ujxYTu33E99Ns
kJ2WiTaMdCd0AQD4QjKksczWUI77t9a6/vi7sQLS
-----END CERTIFICATE-----
subject=/C=US/ST=New Jersey/L=Weehawken/O=Citigroup/OU=whg-oak10/OU=Terms of use at www.verisign.com/rpa (c)00/CN=www.citibank.com
issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
---
No client certificate CA names sent
---
SSL handshake has read 2755 bytes and written 300 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-MD5
    Session-ID: 092472557B1CB1BF58B7F5D4DE83D47AF02F4E8070CED0CDC84F18F5332DC952
    Session-ID-ctx: 
    Master-Key: 81ACCE4213A01D3157719838677601C2E1953F07CACF7FA985995AF173EFBA95E16FE07A74D40E332E0C8A31A1398A44
    Key-Arg   : None
    Start Time: 1199816723
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
GET / HTTP/1.1
Host: www.citibank.com

HTTP/1.1 302 Moved Temporarily
Server: ""
Date: Tue, 08 Jan 2008 18:25:36 GMT
Content-length: 0
Location: http://www.citibank.com/us/index.htm

GET /us/index.htm HTTP/1.1
Host: www.citibank.com

HTTP/1.1 404 Not found
Server: ""
Date: Tue, 08 Jan 2008 18:25:50 GMT
Content-type: text/html
Transfer-encoding: chunked

13e7
<HTML>
<HEAD>
	<style>
	<!--
		body {
			background: #fff;
		}
....... and so on .......

Try for yourself! Just type the magic words:
GET / HTTP/1.1
Host: my.host.de

What does that mean?
GET        - GET something from the server.
/          - get the the main page.
HTTP/1.1   - I'm using the version 1.1 of the HTTP-protocol, so expect...
Host:      - ...me to tell you which virtual host I want:
my.host.de - Voila!

And if you look close, you'll find out what I did wrong...

January 8th, Alexander Janssen.