RSS

Test TLS Connection Ciphers TLS Version and Certificate with OpenSSL Command Line

Use OpenSSL command line to test and check TLS/SSL server connectivity, cipher suites, TLS/SSL version, check server certificate etc. TLS 1.2 and TLS 1.3 test support. Force TLS 1.2, Force TLS 1.3. STARTTLS test. openssl s_client example commands with detail output. Works on Linux, windows and Mac OS X.

Introduction

openssl s_client is an SSL/TLS client program that can be used to test TLS server connectivity, TLS/SSL version support, check cipher suites, and verify server certificate. It is a very useful diagnostic tool for SSL servers.

Usage: s_client [options]
Valid options are:
 -help                      Display this summary
 -host val                  Use -connect instead
 -port +int                 Use -connect instead
 -connect val               TCP/IP where to connect (default is :4433)
 -bind val                  bind local address for connection
 -proxy val                 Connect to via specified proxy to the real server
 -unix val                  Connect over the specified Unix-domain socket
 -4                         Use IPv4 only
 -6                         Use IPv6 only
 -verify +int               Turn on peer certificate verification
 -cert infile               Certificate file to use, PEM format assumed
 -certform PEM|DER          Certificate format (PEM or DER) PEM default
 -nameopt val               Various certificate name options
 -key val                   Private key file to use, if not in -cert file
 -keyform PEM|DER|ENGINE    Key format (PEM, DER or engine) PEM default
 -pass val                  Private key file pass phrase source
 -CApath dir                PEM format directory of CA's
 -CAfile infile             PEM format file of CA's
 -no-CAfile                 Do not load the default certificates file
 -no-CApath                 Do not load certificates from the default certificates directory
 -requestCAfile infile      PEM format file of CA names to send to the server
 -dane_tlsa_domain val      DANE TLSA base domain
 -dane_tlsa_rrdata val      DANE TLSA rrdata presentation form
 -dane_ee_no_namechecks     Disable name checks when matching DANE-EE(3) TLSA records
 -reconnect                 Drop and re-make the connection with the same Session-ID
 -showcerts                 Show all certificates sent by the server
 -debug                     Extra output
 -msg                       Show protocol messages
 -msgfile outfile           File to send output of -msg or -trace, instead of stdout
 -nbio_test                 More ssl protocol testing
 -state                     Print the ssl states
 -crlf                      Convert LF from terminal into CRLF
 -quiet                     No s_client output
 -ign_eof                   Ignore input eof (default when -quiet)
 -no_ign_eof                Don't ignore input eof
 -starttls val              Use the appropriate STARTTLS command before starting TLS
 -xmpphost val              Alias of -name option for "-starttls xmpp[-server]"
 -rand val                  Load the file(s) into the random number generator
 -writerand outfile         Write random data to the specified file
 -sess_out outfile          File to write SSL session to
 -sess_in infile            File to read SSL session from
 -use_srtp val              Offer SRTP key management with a colon-separated profile list
 -keymatexport val          Export keying material using label
 -keymatexportlen +int      Export len bytes of keying material (default 20)
 -maxfraglen +int           Enable Maximum Fragment Length Negotiation (len values: 512, 1024, 2048 and 4096)
 -fallback_scsv             Send the fallback SCSV
 -name val                  Hostname to use for "-starttls lmtp", "-starttls smtp" or "-starttls xmpp[-server]"
 -CRL infile                CRL file to use
 -crl_download              Download CRL from distribution points
 -CRLform PEM|DER           CRL format (PEM or DER) PEM is default
 -verify_return_error       Close connection on verification error
 -verify_quiet              Restrict verify output to errors
 -brief                     Restrict output to brief summary of connection parameters
 -prexit                    Print session information when the program exits
 -security_debug            Enable security debug messages
 -security_debug_verbose    Output more security debug output
 -cert_chain infile         Certificate chain file (in PEM format)
 -chainCApath dir           Use dir as certificate store path to build CA certificate chain
 -verifyCApath dir          Use dir as certificate store path to verify CA certificate
 -build_chain               Build certificate chain
 -chainCAfile infile        CA file for certificate chain (PEM format)
 -verifyCAfile infile       CA file for certificate verification (PEM format)
 -nocommands                Do not use interactive command letters
 -servername val            Set TLS extension servername (SNI) in ClientHello (default)
 -noservername              Do not send the server name (SNI) extension in the ClientHello
 -tlsextdebug               Hex dump of all TLS extensions received
 -status                    Request certificate status from server
 -serverinfo val            types  Send empty ClientHello extensions (comma-separated numbers)
 -alpn val                  Enable ALPN extension, considering named protocols supported (comma-separated list)
 -async                     Support asynchronous operation
 -ssl_config val            Use specified configuration file
 -max_send_frag +int        Maximum Size of send frames
 -split_send_frag +int      Size used to split data for encrypt pipelines
 -max_pipelines +int        Maximum number of encrypt/decrypt pipelines to be used
 -read_buf +int             Default read buffer size to be used for connections
 -no_ssl3                   Just disable SSLv3
 -no_tls1                   Just disable TLSv1
 -no_tls1_1                 Just disable TLSv1.1
 -no_tls1_2                 Just disable TLSv1.2
 -no_tls1_3                 Just disable TLSv1.3
 -bugs                      Turn on SSL bug compatibility
 -no_comp                   Disable SSL/TLS compression (default)
 -comp                      Use SSL/TLS-level compression
 -no_ticket                 Disable use of TLS session tickets
 -serverpref                Use server's cipher preferences
 -legacy_renegotiation      Enable use of legacy renegotiation (dangerous)
 -no_renegotiation          Disable all renegotiation.
 -legacy_server_connect     Allow initial connection to servers that don't support RI
 -no_resumption_on_reneg    Disallow session resumption on renegotiation
 -no_legacy_server_connect  Disallow initial connection to servers that don't support RI
 -allow_no_dhe_kex          In TLSv1.3 allow non-(ec)dhe based key exchange on resumption
 -prioritize_chacha         Prioritize ChaCha ciphers when preferred by clients
 -strict                    Enforce strict certificate checks as per TLS standard
 -sigalgs val               Signature algorithms to support (colon-separated list)
 -client_sigalgs val        Signature algorithms to support for client certificate authentication (colon-separated list)
 -groups val                Groups to advertise (colon-separated list)
 -curves val                Groups to advertise (colon-separated list)
 -named_curve val           Elliptic curve used for ECDHE (server-side only)
 -cipher val                Specify TLSv1.2 and below cipher list to be used
 -ciphersuites val          Specify TLSv1.3 ciphersuites to be used
 -min_protocol val          Specify the minimum protocol version to be used
 -max_protocol val          Specify the maximum protocol version to be used
 -record_padding val        Block size to pad TLS 1.3 records to.
 -debug_broken_protocol     Perform all sorts of protocol violations for testing purposes
 -no_middlebox              Disable TLSv1.3 middlebox compat mode
 -policy val                adds policy to the acceptable policy set
 -purpose val               certificate chain purpose
 -verify_name val           verification policy name
 -verify_depth int          chain depth limit
 -auth_level int            chain authentication security level
 -attime intmax             verification epoch time
 -verify_hostname val       expected peer hostname
 -verify_email val          expected peer email
 -verify_ip val             expected peer IP address
 -ignore_critical           permit unhandled critical extensions
 -issuer_checks             (deprecated)
 -crl_check                 check leaf certificate revocation
 -crl_check_all             check full chain revocation
 -policy_check              perform rfc5280 policy checks
 -explicit_policy           set policy variable require-explicit-policy
 -inhibit_any               set policy variable inhibit-any-policy
 -inhibit_map               set policy variable inhibit-policy-mapping
 -x509_strict               disable certificate compatibility work-arounds
 -extended_crl              enable extended CRL features
 -use_deltas                use delta CRLs
 -policy_print              print policy processing diagnostics
 -check_ss_sig              check root CA self-signatures
 -trusted_first             search trust store first (default)
 -suiteB_128_only           Suite B 128-bit-only mode
 -suiteB_128                Suite B 128-bit mode allowing 192-bit algorithms
 -suiteB_192                Suite B 192-bit-only mode
 -partial_chain             accept chains anchored by intermediate trust-store CAs
 -no_alt_chains             (deprecated)
 -no_check_time             ignore certificate validity time
 -allow_proxy_certs         allow the use of proxy certificates
 -xkey infile               key for Extended certificates
 -xcert infile              cert for Extended certificates
 -xchain infile             chain for Extended certificates
 -xchain_build              build certificate chain for the extended certificates
 -xcertform PEM|DER         format of Extended certificate (PEM or DER) PEM default
 -xkeyform PEM|DER          format of Extended certificate's key (PEM or DER) PEM default
 -tls1                      Just use TLSv1
 -tls1_1                    Just use TLSv1.1
 -tls1_2                    Just use TLSv1.2
 -tls1_3                    Just use TLSv1.3
 -dtls                      Use any version of DTLS
 -timeout                   Enable send/receive timeout on DTLS connections
 -mtu +int                  Set the link layer MTU
 -dtls1                     Just use DTLSv1
 -dtls1_2                   Just use DTLSv1.2
 -nbio                      Use non-blocking IO
 -psk_identity val          PSK identity
 -psk val                   PSK in hex (without 0x)
 -psk_session infile        File to read PSK SSL session from
 -srpuser val               SRP authentication for 'user'
 -srppass val               Password for 'user'
 -srp_lateuser              SRP username into second ClientHello message
 -srp_moregroups            Tolerate other than the known g N values.
 -srp_strength +int         Minimal length in bits for N
 -nextprotoneg val          Enable NPN extension, considering named protocols supported (comma-separated list)
 -engine val                Use engine, possibly a hardware device
 -ssl_client_engine val     Specify engine to be used for client certificate operations
 -ct                        Request and parse SCTs (also enables OCSP stapling)
 -noct                      Do not request or parse SCTs (default)
 -ctlogfile infile          CT log list CONF file
 -keylogfile outfile        Write TLS secrets to file
 -early_data infile         File to send as early data
 -enable_pha                Enable post-handshake-authentication

openssl s_client usage examples

Use -connect <host>:<port> to connect to a TLS server

Use -connect <host>:<port> to connect to a TLS server and see TLS handshake process, server certificate:

$ openssl s_client -connect www.google.com:443
CONNECTED(00000005)
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = www.google.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=www.google.com
   i:/C=US/O=Google Trust Services/CN=GTS CA 1O1
 1 s:/C=US/O=Google Trust Services/CN=GTS CA 1O1
   i:/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIQUvtF6bzAHyEDAAAAAMMjOTANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMRMw
EQYDVQQDEwpHVFMgQ0EgMU8xMB4XDTIwMTIxNTE0MzYxNVoXDTIxMDMwOTE0MzYx
NFowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT
DU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBMTEMxFzAVBgNVBAMTDnd3
dy5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPmk
rg4JZBqxukAqXcsIyoQ7EfkoYZooKy9OGOk0FsbA662QAhRvLyScRnAaKLeT/s1p
lOzLIguQKCl8GkrNJRWjhhG9G95IWGOCuOxjdvRWF5RADpIPbapGAH0awFsO9hlg
VzxsuZC+hHOrAVvUAI5x7tYhz6SYMjsbj0BUz2WzEnSXonY85Zy825rFBjpfJf69
CGJpCx1+T4w7USP7GqsdpI8kNSHfFSbt7Z8U5mdn4LG7tvaMS/oVlcE2P5O09lDT
Yz1+MlxIeQnzSFt0R9S2Xrbv6oNuEdzoqKFXEHcQ+SDcf4Kb5ghpPezjiufwtotR
/gwqXHrMLTZ3lzsMzQIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGfXwgDfHBsH
oA7W51LPuYfBeHI0MB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgG
CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cv
Z3RzMW8xY29yZTArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RT
MU8xLmNydDAZBgNVHREEEjAQgg53d3cuZ29vZ2xlLmNvbTAhBgNVHSAEGjAYMAgG
BmeBDAECAjAMBgorBgEEAdZ5AgUDMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9j
cmwucGtpLmdvb2cvR1RTMU8xY29yZS5jcmwwggEFBgorBgEEAdZ5AgQCBIH2BIHz
APEAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXZnC4CJAAAE
AwBHMEUCIERZyIP0GBfWUDPpmMCMVYBgpSKpIQuqnsFo2MoRHDWsAiEA/+nQTy9E
sKLKfzDABLRUz/P+TZGGjM7UVQjtWe/+s+sAdwBc3EOS/uarRUSxXprUVuYQN/vV
+kfcoXOUsl7m9scOygAAAXZnC4C7AAAEAwBIMEYCIQCPyfB8H0em1gHv8QQeF4zN
Hkfv47lQjNsszABWeYXfwwIhAKngHPHb1UKDE3LMF6FYEdsGOK63kdIfUuyWLX0A
UYszMA0GCSqGSIb3DQEBCwUAA4IBAQAbkVw9feVP0maVCLVO/TKFBQWgcQTHtJGI
k2YTSZCSwLYe7Xboae5t6inwKu0yB+bYqUC2itFpv7BCsZv4rPOH6zBHHH2CSlZB
1XI40WrnPwGMr3P1aR2dsUw1gDEXFwgXdFbL/u/9WUjeUogQULSFxqJXrYB693az
96FCwtoSg3+WC5IcEJElDEE0kgS8o5ZyJ4GLmLBYsWcMkbx80/pDf71ylBts63e0
u5k2sQuBcNhIGaRIFmP9SHYXyTtSlaB84RwThgkhr40S3QZWDNiqht2WnM65UHUR
CVEiml3bIKMz+fLaOgroFKQy8uBw7tei+gzbbqqyJbicdgcSDgd3
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google LLC/CN=www.google.com
issuer=/C=US/O=Google Trust Services/CN=GTS CA 1O1
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3208 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: EDF30CC8709D2A7E5930E21DF4FC95B10C0438A6BBB64D550C975936B1B2E7B7
    Session-ID-ctx:
    Master-Key: 6C731ACB4248F67690838BE615E945E8D7CDD418794C54F5E33BF7487939EDC0C13DBED09DEC2A95F093F63713250762
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 01 56 db 77 af 6f 79 83-c8 d1 36 2b 85 d6 e4 15   .V.w.oy...6+....
    0010 - 25 4e 56 25 b7 1b 2b 3a-18 a8 5b 4a 9d 7b 82 5b   %NV%..+:..[J.{.[
    0020 - 28 73 44 7e a5 74 12 7d-63 56 39 02 7e 74 9c 11   (sD~.t.}cV9.~t..
    0030 - cf c9 d3 a2 b0 c7 42 26-1b 05 ba 70 0b f0 16 78   ......B&...p...x
    0040 - d0 83 8c bd 49 3c b3 f5-e7 49 e8 21 ab 3c 46 9d   ....I<...I.!.<F.
    0050 - 0d 26 2e 3a 86 0b d5 ba-64 c0 59 65 0c 26 cc b6   .&.:....d.Ye.&..
    0060 - 18 3d f4 55 ad fd 82 d0-c1 b0 3e c9 45 65 71 cf   .=.U......>.Eeq.
    0070 - 76 c1 86 fa 85 d0 17 40-48 9f 33 03 64 ad 76 83   v......@H.3.d.v.
    0080 - d5 0a cf 74 2f 71 3d 6b-4d be 55 08 9f a8 87 9b   ...t/q=kM.U.....
    0090 - 03 18 0e 9e 99 bc d5 d6-b8 1c 95 d4 55 27 b3 00   ............U'..
    00a0 - a8 2d 83 c2 1d ee 49 3e-06 a9 98 67 14 68 7e ac   .-....I>...g.h~.
    00b0 - dd 95 85 55 4e 56 b8 88-e2 71 98 8d c4 93 e9 65   ...UNV...q.....e
    00c0 - 31 0e b7 9a 87 bd 90 9d-dc 8e e5 d2 6a 34 16 53   1...........j4.S
    00d0 - dd 71 d3 70 62 d7 b6 43-81 96 3f b9 7b            .q.pb..C..?.{

    Start Time: 1610932834
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
GET / HTTP/1.1

HTTP/1.1 200 OK
Date: Mon, 18 Jan 2021 01:20:39 GMT

After connected, you can send HTTP request like GET:

GET / HTTP/1.1
Host: google.com

Use -showcerts to show all certificates in the chain

By default, only the server’s certificate is printed in output. To print all the certificate chain, need use -showcerts:

$ openssl s_client -connect dns.google:853 -showcerts
CONNECTED(00000006)
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = dns.google
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=dns.google
   i:/C=US/O=Google Trust Services/CN=GTS CA 1O1
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIRAJTRUTehSoT8AwAAAADDI0EwDQYJKoZIhvcNAQELBQAw
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEyMTUxNDM2MjZaFw0yMTAzMDkxNDM2
MjVaMGQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRMwEQYDVQQDEwpk
bnMuZ29vZ2xlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/ulxhYN
FowGZ+8VIk8eIWsj/tHekcfTtmtIP9KgdhyXlmXXlntHx330XiX9UfCSfbnu3UP5
Za/BM8rRm+3yVCsi0QVU+mey35hLLdBaKvdmrTQkYIdVhHDWGQN8C1f6UGq8nNPN
X7HLyxxXa03vEpLvtaSzULVprYfppGlqDLvUqqVbF9loTtZp6sdtPYAM0j8O71SK
DnUCdMu3WGPEhK2ImyUdk6Oq+CFueRNLbBL6Lfkd1NWLyebpbKQcMNmSbQfphZga
4WXmfhXWF5Vblyn4FBxarw96O1FDX/jUdOFbKRfR0GxvhS5Qt+dPEhom52JdTth6
dfLtmbvdnqPcAwIDAQABo4IC7zCCAuswDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJrgW406vF0JgE8F
CJd5Cgc1/RDOMB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgGCCsG
AQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cvZ3Rz
MW8xY29yZTArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RTMU8x
LmNydDCBrAYDVR0RBIGkMIGhggpkbnMuZ29vZ2xlghAqLmRucy5nb29nbGUuY29t
ggs4ODg4Lmdvb2dsZYIOZG5zLmdvb2dsZS5jb22CEGRuczY0LmRucy5nb29nbGWH
ECABSGBIYAAAAAAAAAAAAGSHECABSGBIYAAAAAAAAAAAZGSHECABSGBIYAAAAAAA
AAAAiESHECABSGBIYAAAAAAAAAAAiIiHBAgIBASHBAgICAgwIQYDVR0gBBowGDAI
BgZngQwBAgIwDAYKKwYBBAHWeQIFAzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v
Y3JsLnBraS5nb29nL0dUUzFPMWNvcmUuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB
8QDvAHUA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF2ZwuscwAA
BAMARjBEAiAWqt7W7bSnzvbUwayFoEbGWagFR2K+itqZCW5NF4WG2AIgJ38Z6+ZF
eCnzIrOcZejKC/uj095tb1fIhhALpfNJEMIAdgCUILwejtWNbIhzH4KLIiwN0dpN
XmxPlD1h204vWE2iwgAAAXZnC6x9AAAEAwBHMEUCIQC/+FJmLcs2ijzNDaw8spRE
y5+9x53+ZzSUS55Dvun5GQIgV7cuRxpIdZ80U4d4B8zXliMiCMX2ppZ11R2Yof27
/5cwDQYJKoZIhvcNAQELBQADggEBADuBZ8NVva0NDcVcBDsy571lS/05TbHvq9u4
xzbqIwEjrX8LhJpEs9n/ZNcClzS63laDGSB8NtOLy1X4BIUoQXOBZ59Nhm43bJCO
ObwlZVOJvU8tQ3RajQeJ6vvBQEFtbTxPAphjrPWcrmt5Rn4nIToHRApd8SPgBAXo
e+T9S2MKFJh7M18VcSUpi8qUphwKoc3w1AMcZnrbM2WE6xdY/7H48pVijdNgyMau
VwAMTKh7a2fEs6/jAZHWbAnjtQQc3ltOWZO/h7MbG38TKbvTud8+JZQdcwCM5cS5
MnwzXvYoyKQEc4sHj9scMKnXyM9Cgbqh0wGH0eaIscCNIu7ULeU=
-----END CERTIFICATE-----
 1 s:/C=US/O=Google Trust Services/CN=GTS CA 1O1
   i:/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
-----BEGIN CERTIFICATE-----
MIIESjCCAzKgAwIBAgINAeO0mqGNiqmBJWlQuDANBgkqhkiG9w0BAQsFADBMMSAw
HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs
U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy
MTUwMDAwNDJaMEIxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg
U2VydmljZXMxEzARBgNVBAMTCkdUUyBDQSAxTzEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQGM9F1IvN05zkQO9+tN1pIRvJzzyOTHW5DzEZhD2ePCnv
UA0Qk28FgICfKqC9EksC4T2fWBYk/jCfC3R3VZMdS/dN4ZKCEPZRrAzDsiKUDzRr
mBBJ5wudgzndIMYcLe/RGGFl5yODIKgjEv/SJH/UL+dEaltN11BmsK+eQmMF++Ac
xGNhr59qM/9il71I2dN8FGfcddwuaej4bXhp0LcQBbjxMcI7JP0aM3T4I+DsaxmK
FsbjzaTNC9uzpFlgOIg7rR25xoynUxv8vNmkq7zdPGHXkxWY7oG9j+JkRyBABk7X
rJfoucBZEqFJJSPk7XA0LKW0Y3z5oz2D0c1tJKwHAgMBAAGjggEzMIIBLzAOBgNV
HQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1Ud
EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJjR+G4Q68+b7GCfGJAboOt9Cf0rMB8G
A1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEBBCkwJzAl
BggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzAp
MCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0g
BDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9wa2kuZ29vZy9y
ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGoA+Nnn78y6pRjd9XlQWNa7H
TgiZ/r3RNGkmUmYHPQq6Scti9PEajvwRT2iWTHQr02fesqOqBY2ETUwgZQ+lltoN
FvhsO9tvBCOIazpswWC9aJ9xju4tWDQH8NVU6YZZ/XteDSGU9YzJqPjY8q3MDxrz
mqepBCf5o8mw/wJ4a2G6xzUr6Fb6T8McDO22PLRL6u3M4Tzs3A2M1j6bykJYi8wW
IRdAvKLWZu/axBVbzYmqmwkm5zLSDW5nIAJbELCQCZwMH56t2Dvqofxs6BBcCFIZ
USpxu6x6td0V7SvJCCosirSmIatj/9dSSVDQibet8q/7UK4v4ZUN80atnZz1yg==
-----END CERTIFICATE-----
---
Server certificate
subject=/C=US/ST=California/L=Mountain View/O=Google LLC/CN=dns.google
issuer=/C=US/O=Google Trust Services/CN=GTS CA 1O1
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3351 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: 47BCFDC6F09F1C08656913CAB4851B105FC0366BBDA0469857CF32491EE2459E
    Session-ID-ctx:
    Master-Key: 709A838FB4591838009662B8444D0392728187586EF01A5308004512FA9A78D94FB6A390C136EB772E7AB4B6D5C02801
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 01 67 b1 01 e7 5c 56 42-e2 25 d6 67 47 3f 8f af   .g...\VB.%.gG?..
    0010 - 08 79 f0 be d4 87 3a 6b-3b ab f3 a8 01 15 11 ce   .y....:k;.......
    0020 - f5 f6 db 3f 2d 8a f3 35-28 1c b1 6a 45 7a a8 4b   ...?-..5(..jEz.K
    0030 - 83 94 92 80 98 93 65 6d-45 4b 67 e0 e8 b6 42 3b   ......emEKg...B;
    0040 - ab 67 b2 a3 4f 39 a4 8a-79 07 a5 24 ae da e5 93   .g..O9..y..$....
    0050 - 62 d6 ec 48 ef da 9b b1-4a 21 40 ac 9a 79 ba f4   b..H....J!@..y..
    0060 - 77 62 7e 6f 0b a6 df 32-21 e0 05 55 26 3e 1a 6e   wb~o...2!..U&>.n
    0070 - 2a 27 0f df 93 e2 4b a2-6f d6 4f c1 a5 45 2c 9e   *'....K.o.O..E,.
    0080 - 1e 27 70 b1 02 c7 6c a5-7c 2a eb 5d 87 80 b8 c9   .'p...l.|*.]....
    0090 - 7e d0 86 f4 2a de 5a 5b-f4 85 8e db 5b 8a 27 68   ~...*.Z[....[.'h
    00a0 - 4a f6 48 7a d7 d7 9d 7e-44 07 a9 46 f8 ec 38 93   J.Hz...~D..F..8.
    00b0 - 23 92 b4 d0 b6 d8 2c ac-46 ad 12 4b 59 31 8e 6a   #.....,.F..KY1.j
    00c0 - 8e 2c 4d ad 39 2f 67 33-2b 40 46 ad 27 62 ba 25   .,M.9/g3+@F.'b.%
    00d0 - 2f 52 60 a4 74 71 98 d0-f7 6d 3d db 65            /R`.tq...m=.e

    Start Time: 1610933223
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

Use -servername to pass server name (SNI) to openssl s_client

You can connect to IP and pass server name (SNI) to openssl s_client:

 -servername name   Set TLS extension servername in ClientHello (SNI)

Example of use -servername to pass SNI:

$ openssl s_client -connect 93.184.216.34:443 -servername example.com
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
verify return:1
depth=0 C = US, ST = California, L = Los Angeles, O = Internet\C2\A0Corporation\C2\A0for\C2\A0Assigned\C2\A0Names\C2\A0and\C2\A0Numbers, CN = www.example.org
verify return:1
write W BLOCK
---
Certificate chain
 0 s:/C=US/ST=California/L=Los Angeles/O=Internet\xC2\xA0Corporation\xC2\xA0for\xC2\xA0Assigned\xC2\xA0Names\xC2\xA0and\xC2\xA0Numbers/CN=www.example.org
   i:/C=US/O=DigiCert Inc/CN=DigiCert TLS RSA SHA256 2020 CA1
 1 s:/C=US/O=DigiCert Inc/CN=DigiCert TLS RSA SHA256 2020 CA1
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHSjCCBjKgAwIBAgIQDB/LGEUYx+OGZ0EjbWtz8TANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzAxMTMwMDAwMDBa
Fw0yNDAyMTMyMzU5NTlaMIGWMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
cm5pYTEUMBIGA1UEBxMLTG9zIEFuZ2VsZXMxQjBABgNVBAoMOUludGVybmV0wqBD
b3Jwb3JhdGlvbsKgZm9ywqBBc3NpZ25lZMKgTmFtZXPCoGFuZMKgTnVtYmVyczEY
MBYGA1UEAxMPd3d3LmV4YW1wbGUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwoB3iVm4RW+6StkR+nutx1fQevu2+t0Fu6KBcbvhfyHSXy7w0nJO
dTT4jWLjStpRkNQBPZwMwHH35i+21gdnJtDe/xfO8IX9McFmyodlBUcqX8CruIzD
v9AXf2OjXPBG+4aq+03XKl5/muATl32++301Vw1dXoGYNeoWQqLTsHT3WS3tOOf+
ehuzNuZ+rj+ephaD3lMBToEArrtC9R91KTTN6YSAOK48NxTA8CfOMFK5itxfIqB5
+E9OSQTidXyqLyoeA+xxTKMqYfxvypEek1oueAhY9u67NCBdmuavxtfyvwp7+o6S
d+NsewxAhmRKFexw13KOYzDhC+9aMJcuJQIDAQABo4ID2DCCA9QwHwYDVR0jBBgw
FoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0OBBYEFLCTP+gXgv1ssrYXh8vj
gP6CmwGeMIGBBgNVHREEejB4gg93d3cuZXhhbXBsZS5vcmeCC2V4YW1wbGUubmV0
ggtleGFtcGxlLmVkdYILZXhhbXBsZS5jb22CC2V4YW1wbGUub3Jngg93d3cuZXhh
bXBsZS5jb22CD3d3dy5leGFtcGxlLmVkdYIPd3d3LmV4YW1wbGUubmV0MA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgY8GA1Ud
HwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDBAoD6gPIY6aHR0cDovL2NybDQuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDA+BgNV
HSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUFBzABhhhodHRwOi8v
b2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9jYWNlcnRzLmRp
Z2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwCQYD
VR0TBAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA7s3QZNXbGs7FXLed
tM0TojKHRny87N7DUUhZRnEftZsAAAGFq0gFIwAABAMARzBFAiEAqt+fK6jFdGA6
tv0EWt9rax0WYBV4re9jgZgq0zi42QUCIEBh1yKpPvgX1BreE0wBUmriOVUhJS77
KgF193fT2877AHcAc9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crUAAAGF
q0gFnwAABAMASDBGAiEA12SUFK5rgLqRzvgcr7ZzV4nl+Zt9lloAzRLfPc7vSPAC
IQCXPbwScx1rE+BjFawZlVjLj/1PsM0KQQcsfHDZJUTLwAB2AEiw42vapkc0D+Vq
AvqdMOscUgHLVt0sgdm7v6s52IRzAAABhatIBV4AAAQDAEcwRQIhAN5bhHthoyWM
J3CQB/1iYFEhMgUVkFhHDM/nlE9ThCwhAiAPvPJXyp7a2kzwJX3P7fqH5Xko3rPh
CzRoXYd6W+QkCjANBgkqhkiG9w0BAQsFAAOCAQEAWeRK2KmCuppK8WMMbXYmdbM8
dL7F9z2nkZL4zwYtWBDt87jW/Gz/E5YyzU/phySFC3SiwvYP9afYfXaKrunJWCtu
AG+5zSTuxELFTBaFnTRhOSO/xo6VyYSpsuVBD0R415W5z9l0v1hP5xb/fEAwxGxO
Ik3Lg2c6k78rxcWcGvJDoSU7hPb3U26oha7eFHSRMAYN8gfUxAi6Q2TF4j/arMVB
r6Q36EJ2dPcTu0p9NlmBm8dE34lzuTNC6GDCTWFdEloQ9u//M4kUUOjWn8a5XCs1
263t3Ta2JfKViqxpP5r+GvgVKG3qGFrC0mIYr0B4tfpeCY9T+cz4I6GDMSP0xg==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Los Angeles/O=Internet\xC2\xA0Corporation\xC2\xA0for\xC2\xA0Assigned\xC2\xA0Names\xC2\xA0and\xC2\xA0Numbers/CN=www.example.org
issuer=/C=US/O=DigiCert Inc/CN=DigiCert TLS RSA SHA256 2020 CA1
---
No client certificate CA names sent
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3775 bytes and written 727 bytes
---
New, TLSv1/SSLv3, Cipher is AEAD-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : AEAD-AES256-GCM-SHA384
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Start Time: 1680325042
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)

Use -tls1_2 to test TLS 1.2 support

To let openssl force use TLSv1.2 to check whether sever support TLS 1.2 (force TLS 1.2) or not:

$ openssl s_client -connect dns.google:853 -tls1_2
CONNECTED(00000006)
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = dns.google
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=dns.google
   i:/C=US/O=Google Trust Services/CN=GTS CA 1O1
 1 s:/C=US/O=Google Trust Services/CN=GTS CA 1O1
   i:/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIRAJTRUTehSoT8AwAAAADDI0EwDQYJKoZIhvcNAQELBQAw
...
MnwzXvYoyKQEc4sHj9scMKnXyM9Cgbqh0wGH0eaIscCNIu7ULeU=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google LLC/CN=dns.google
issuer=/C=US/O=Google Trust Services/CN=GTS CA 1O1
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3351 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: CC4A9A166E0DCF512A3206AC219AEFEB0496CBF05FB2EED933CB0AA942DACDD5
    Session-ID-ctx:
    Master-Key: D930863734390E930804BC6818721FFD2416246EA08F7EF4060D2D45FAD6B66640BC2579B56EA3E3C9033DE556FC123E
    TLS session ticket lifetime hint: 100799 (seconds)
    TLS session ticket:
    0000 - 01 56 db 77 af 6f 79 83-c8 d1 36 2b 85 d6 e4 15   .V.w.oy...6+....
    0010 - 33 3f 32 e0 90 c3 24 14-82 99 16 4f 2a 5e f9 e7   3?2...$....O*^..
    0020 - d0 30 fb 52 60 0c 16 f3-5b 72 7e ca 82 f3 66 2b   .0.R`...[r~...f+
    0030 - 4e 4d 18 ed 2c ed 96 39-47 61 7f 24 df 17 5c 32   NM..,..9Ga.$..\2
    0040 - 92 f5 07 2b ed 9b 19 67-05 c0 c2 e8 89 51 18 dc   ...+...g.....Q..
    0050 - f4 2e 67 68 64 18 b2 cb-cf 20 ca 0c 1a 3b 96 60   ..ghd.... ...;.`
    0060 - 39 4d 51 b7 90 ba 6e 4d-6e 36 34 d5 a6 fe 5e 56   9MQ...nMn64...^V
    0070 - 2f 7d bf 12 c6 22 59 6a-7c 91 79 a6 6a 25 59 dd   /}..."Yj|.y.j%Y.
    0080 - ce b1 43 25 e2 dc ca 90-f4 99 47 07 0b eb fb d8   ..C%......G.....
    0090 - 7e 3a 2a 3d 77 fd 9a d1-c1 a8 3e 7d 6a 67 78 1e   ~:*=w.....>}jgx.
    00a0 - dc d9 ef 52 20 7b e9 10-a9 ab 66 c6 c1 a2 de dd   ...R {....f.....
    00b0 - 53 67 0d 56 17 1b d8 6f-20 2c cf e8 b9 77 26 f5   Sg.V...o ,...w&.
    00c0 - 52 ce 7d d5 71 87 60 4e-b8 76 cb 3c 47 1e 71 b0   R.}.q.`N.v.<G.q.
    00d0 - fc 1a c9 c3 75 a4 95 f7-8d 33 b5 2f e0            ....u....3./.

    Start Time: 1610933457
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

Test TLSv1.3 support

Similar to force TLS 1.2, newer openssl support -tls1_3 option to test TLS 1.3 support (force TLS 1.3).

However not all the openssl have -tls1_3 options. Alternative way is use an docker image with new openssl, like alpine/openssl:

$ docker run --rm alpine/openssl s_client -connect cloudflare.com:443 -tls1_3
CONNECTED(00000003)
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=1 C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com
verify return:1
DONE
---
Certificate chain
 0 s:C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com
   i:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
 1 s:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
   i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFYTCCBQigAwIBAgIQBsL7pLsusHbY3MmUQqCsHjAKBggqhkjOPQQDAjBKMQsw
...
pu8FAiABVTdpTcSCEnk6WOA1UyiCotlMtX7NDPh8uJcfg1+bgg==
-----END CERTIFICATE-----
subject=C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com

issuer=C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2671 bytes and written 318 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Test specific cipher suites for a TLS connection

To test server cipher suites support. First use openssl ciphers -v command to see a list of supported available ciphers:

$ openssl ciphers -v
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES256-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES256-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1
ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(256) Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305   TLSv1.2 Kx=PSK      Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA384
ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(256)  Mac=SHA1
SRP-AES-256-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(256)  Mac=SHA1
RSA-PSK-AES256-CBC-SHA384 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA384
RSA-PSK-AES256-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-PSK-AES256-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
PSK-AES256-CBC-SHA384   TLSv1 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA384
PSK-AES256-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA1
ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(128)  Mac=SHA1
SRP-AES-128-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES128-CBC-SHA256 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA256
RSA-PSK-AES128-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-PSK-AES128-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
PSK-AES128-CBC-SHA256   TLSv1 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA256
PSK-AES128-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA1

Please note TLSv1.3 have fewer and stronger cipher options:

$ openssl ciphers -v | grep v1.3
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD

An example of use -ciphersuites to specific TLS_AES_256_GCM_SHA384 cipher in TLS 1.3:

$ docker run --rm alpine/openssl s_client -connect www.cloudflare.com:443 -tls1_3 -ciphersuites 'TLS_AES_256_GCM_SHA384'
CONNECTED(00000003)
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=1 C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com
verify return:1
DONE
---
Certificate chain
 0 s:C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com
   i:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
 1 s:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
   i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFYTCCBQigAwIBAgIQBsL7pLsusHbY3MmUQqCsHjAKBggqhkjOPQQDAjBKMQsw
...
pu8FAiABVTdpTcSCEnk6WOA1UyiCotlMtX7NDPh8uJcfg1+bgg==
-----END CERTIFICATE-----
subject=C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = cloudflare.com

issuer=C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2672 bytes and written 320 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

At the end of output, cipher TLS_AES_256_GCM_SHA384 is confirmed.

Extract server public certificate

Extract server public certificate into a PEM encoded file:

$ echo -n | openssl s_client -connect www.example.com:443 -servername www.example.com | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem

$ cat cert.pem
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIQD74IsIVNBXOKsMzhya/uyTANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQ
...
vUzLnF7QYsJhvYtaYrZ2MLxGD+NFI8BkXw==
-----END CERTIFICATE-----

Troubleshooting on get invalid certifate “Issuer: OU=No SNI provided; please fix your client., CN=invalid2.invalid”

Incase you get certificate with following subject:

Issuer: OU=No SNI provided; please fix your client., CN=invalid2.invalid

Try to add -servername <server-dns-name> to s_client (see above as example). -servername val set TLS extension servername (SNI) in ClientHello.

Decode PEM encoded certificate file

In previous example, we export server public certificate into a PEM encoded file. To view the certificate info, use following openssl x509 command to dump certificate content:

$ openssl x509 -in cert.pem -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:52:16:e1:c4:99:8e:26:32:aa:5d:1d:a9:85:b4:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Dec 10 00:00:00 2021 GMT
            Not After : Dec  9 23:59:59 2022 GMT
        Subject: C=US, ST=California, L=Los Angeles, O=Verizon Digital Media Services, Inc., CN=www.example.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a0:30:42:56:d7:0b:a1:11:b9:f3:0b:ec:cc:f2:
                    4c:b0:6f:13:02:6b:cf:07:f3:85:f0:42:8f:c5:54:
                    98:81:6e:7a:93:38:b6:fa:46:42:b3:5c:e6:c9:3b:
                    59:93:61:24:43:20:f5:7a:89:c9:77:ad:ff:87:c8:
                    08:db:86:f5:dc:61:75:96:5f:dc:f0:08:ca:3a:b9:
                    5e:0f:fa:37:7c:65:6a:ca:08:27:1e:9d:d8:0a:3f:
                    9e:10:db:45:25:9a:03:72:ba:f5:27:d9:b0:eb:36:
                    d4:93:39:8c:11:6c:5f:33:14:58:e5:c0:88:c5:1f:
                    7a:21:14:cc:d2:a7:5f:1c:73:1f:d9:03:20:6e:7a:
                    08:ef:17:4e:e3:be:28:c0:4f:e0:71:63:21:04:77:
                    8f:8f:4b:2b:e8:0b:a2:be:97:7e:50:6f:b8:3b:37:
                    63:7f:a4:0c:99:ff:96:a2:c3:7f:ca:7c:21:ba:fd:
                    90:d1:3f:05:a4:34:70:d6:84:8e:a5:00:dc:29:7c:
                    fd:96:cb:43:ae:39:8f:2d:c6:ad:d8:c2:1d:9b:e4:
                    5f:9c:51:9c:8b:fe:6d:49:62:5b:c7:cd:1e:18:96:
                    ce:c6:2a:07:b7:71:80:60:72:ac:57:12:00:90:43:
                    0f:23:be:a9:70:71:d6:e5:7b:85:a3:4d:05:88:21:
                    c7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4

            X509v3 Subject Key Identifier:
                6D:E0:FA:A4:C8:6F:2B:37:0E:0D:4D:C8:12:9A:D1:07:81:68:60:44
            X509v3 Subject Alternative Name:
                DNS:www.example.org, DNS:example.net, DNS:example.edu, DNS:example.com, DNS:example.org, DNS:www.example.com, DNS:www.example.edu, DNS:www.example.net
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

                Full Name:
                  URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS

            Authority Information Access:
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

            X509v3 Basic Constraints: critical
                CA:FALSE
            1.3.6.1.4.1.11129.2.4.2:
                ...i.g.v.F.U.u.. 0...i..}.,At..I.....p.mG...}...p.....G0E.!...(..Q1k.. ......../C.H..u....... CG .r..7|...S.rIyo.[.......G.....u.A...."FJ...:.B.^N1.....K.h..b......}...<.....F0D. {3No^.}..Dl........E..8..;U.8.... .....F...B.^y.f.|3..4....."..5.%.v...^.h.O.l..._N>Z.....j^.;.. D\*s...}...v.....G0E.!....
:.V.3....3..Q..vsC.c;.%w.HM....
    Signature Algorithm: sha256WithRSAEncryption
         a5:54:34:69:fe:fb:03:6b:f1:a8:1d:5a:36:79:59:8f:5c:62:
         a2:63:99:04:d0:63:78:39:56:44:0c:35:a2:62:5c:88:af:7a:
         10:d4:4d:c1:4f:aa:d7:e2:99:39:55:95:5a:df:2c:6c:58:44:
         03:99:af:39:06:a1:08:d4:7f:df:48:28:95:b8:65:43:90:d1:
         60:ec:2a:86:a8:c1:4d:6a:7f:3a:46:4f:06:eb:8f:39:9e:77:
         61:db:2e:54:cf:f0:d8:d0:a5:83:cc:10:82:22:45:05:02:d6:
         25:0a:fb:49:5f:d1:43:aa:e6:62:c9:dc:2a:b7:c8:bf:54:6c:
         ec:a1:61:35:fd:85:ad:39:73:9f:e7:64:7b:e1:c0:23:6f:ca:
         27:b9:45:3e:a3:58:b7:0c:1f:af:61:3d:2d:83:1a:25:6b:f0:
         71:b8:89:5d:56:d4:5d:ff:5f:e1:de:04:eb:04:a3:56:32:62:
         52:08:48:21:c1:ef:60:a2:8e:48:b6:42:20:07:cc:fa:b2:ef:
         51:fd:30:3b:7d:8c:7d:a3:6d:82:95:44:80:d1:27:6d:1e:17:
         66:35:fa:b9:3b:a9:08:f0:2e:80:4c:e3:80:1f:5b:d3:7b:9f:
         a7:84:ba:fd:87:11:69:da:54:1c:a6:a1:48:c7:69:21:33:63:
         27:73:54:e8

Use -starttls to upgrade a plain text connection to an encrypted (TLS or SSL) connection

STARTTLSoffer a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication.

Several protocols like STMP, IMAP, XMPP, NNTP use a command named “STARTTLS” for this purpose. FTP uses the command AUTH TLS.

openssl provide -starttls prot to test STARTTLS support:

 -starttls prot - use the STARTTLS command before starting TLS
                 for those protocols that support it, where
                 'prot' defines which one to assume.  Currently,
                 only "smtp", "lmtp", "pop3", "imap", "ftp" and "xmpp"
                 are supported.

For example, Gmail use port 587 for STARTTLS connection, use the following command to test it, we can the TLS connection setup process, server certificate, handshake, cipher etc.

After connection is established, can send SMTP command like HELO smtp.gmail.com and get response from server.

$ openssl s_client -connect smtp.gmail.com:587 -starttls smtp
CONNECTED(00000005)
depth=3 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = smtp.gmail.com
verify return:1
---
Certificate chain
 0 s:/CN=smtp.gmail.com
   i:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
 1 s:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
   i:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
 2 s:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
   i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEiTCCA3GgAwIBAgIRAPNAL8G1pyR+CgAAAAEl/6IwDQYJKoZIhvcNAQELBQAw
...
dos6Ztuq+2pId4qBas9cdxN8m+eW28cp+XLXNqwwQADdpdZ2Frl627dE3V5wU0GV
tE07IhnSNQlCqCIOUg==
-----END CERTIFICATE-----
subject=/CN=smtp.gmail.com
issuer=/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 4726 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-CHACHA20-POLY1305
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-ECDSA-CHACHA20-POLY1305
    Session-ID: BF8E5684C0E47150A48E865BBB2412E732D0F9F5C615BE9F287124744E57CFF5
    Session-ID-ctx:
    Master-Key: A1685E5E75EF0B2C4104F524B2BEDD81A230687F667150AE14EBFE0AAE72A17B8D4F2FCF93EB096E268F9D0EA658216C
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 01 6e 80 8a c5 3f 5e fa-a6 a6 9f 24 68 5d f4 61   .n...?^....$h].a
    0010 - bf ff 54 8e 26 a4 ac 05-54 28 3c 88 39 be 08 db   ..T.&...T(<.9...
    0020 - 37 3b 5c 7f 49 3e d7 06-19 3a b5 0f 1a 1e 2c 38   7;\.I>...:....,8
    0030 - 28 92 3f c5 dd dc ea 63-d1 27 76 30 46 a4 39 99   (.?....c.'v0F.9.
    0040 - a0 87 cd 64 d6 1b f8 31-81 79 e7 de 8e ed 00 40   ...d...1.y.....@
    0050 - 5b aa 68 2e 1d 1e 28 de-76 94 dc 78 f3 12 db 81   [.h...(.v..x....
    0060 - 04 81 2d 81 7a a8 43 0d-2a 68 fe 4c 82 de 6c 3c   ..-.z.C.*h.L..l<
    0070 - e0 8b 9e 67 d7 65 ce c5-3b 39 52 18 a3 d3 8b 82   ...g.e..;9R.....
    0080 - ec 6f 7b a0 e7 ae 15 e0-bb 9c 2b 02 f1 e3 55 b8   .o{.......+...U.
    0090 - b4 6d 5a 18 ad a7 04 dd-38 70 d3 6a 09 91 34 1c   .mZ.....8p.j..4.
    00a0 - 5c 64 1c 96 3f 5c 7d 78-9f 03 e9 52 bc 43 8f 32   \d..?\}x...R.C.2
    00b0 - 1b 91 1f dc a9 16 7b cd-72 a5 d9 58 49 d4 02 ca   ......{.r..XI...
    00c0 - d2 f1 45 9c ae ab e6 d0-7b 2d 9e a0 94 04 e1 f8   ..E.....{-......
    00d0 - ea e8 9b 0a 21 d4 57 5a-6b df db b4 48            ....!.WZk...H

    Start Time: 1639810577
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
250 SMTPUTF8
HELO smtp.gmail.com
250 smtp.gmail.com at your service

Sample error when connect to non-TLS server

$ openssl s_client -connect example.com:80
Connecting to 93.184.215.14
CONNECTED(00000005)
006112F701000000:error:0A0000C6:SSL routines:tls_get_more_records:packet length too long:ssl/record/methods/tls_common.c:655:
006112F701000000:error:0A000139:SSL routines::record layer failure:ssl/record/rec_layer_s3.c:692:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 326 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Summary: openssl s_client command examples quick references

  • Test TLS connection:

    openssl s_client -connect www.google.com:443

  • Show all certificates chain:

    openssl s_client -connect dns.google:853 -showcerts

  • Extract server public certificate:

    echo -n | openssl s_client -connect www.example.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem

  • Use specific version of TLS:

    openssl s_client -connect dns.google:853 -tls1_2

  • Specific ciphersuites for a TLS connection:

    openssl s_client -connect www.cloudflare.com:443 -tls1_3 -ciphersuites 'TLS_AES_256_GCM_SHA384'

  • Use -starttls to upgrade a plain text connection to an encrypted (TLS or SSL) connection:

    openssl s_client -connect smtp.gmail.com:587 -starttls smtp

  • Decode PEM encoded certificate file:

    $ openssl x509 -in cert.pem -text -noout

  • Use docker to run openssl:

    docker run --rm alpine/openssl s_client -connect cloudflare.com:443 -tls1_3

Related pages:

References

OmniLock - Block / Hide App on iOS

Block distractive apps from appearing on the Home Screen and App Library, enhance your focus and reduce screen time.

DNS Firewall for iOS and Mac OS

Encrypted your DNS to protect your privacy and firewall to block phishing, malicious domains, block ads in all browsers and apps

Ad