Command prompt to check TLS version required by a host

ssl https tls1.2
LakeMichigan picture LakeMichigan · Nov 11, 2016 · Viewed 54.8k times · Source

Is there a command to check the TLS version reuired by a host site. Right now, the only way I know to check is by adjusting the max TLS version of my browser and checking if I can still access the site. However, I suspect there is a more sophisticated way to do this.

Answer

root picture root · Nov 12, 2016

you can check using following commands

for tls 1.2

openssl s_client -connect www.google.com:443 -tls1_2

for tls 1.1

openssl s_client -connect www.google.com:443 -tls1_1

for tls 1

openssl s_client -connect www.google.com:443 -tls1

If you get the certificate chain and the handshake then the tls version is supported. If you don't see the certificate chain, and something similar to "handshake error" then its not.

Related questions

what is my openssl and ssl Default CA Certs Path?

Background : I am trying to create an SSL context connection with an external vendor for handshake and then communicate using an xml over that connection. clientCert = path["cert_path"] clientKey = path["key_path"] PROTOCOL = ssl.PROTOCOL_TLSv1 context = ssl.SSLContext(…

Read More
Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?

Edit :- Tried to format the question and accepted answer in more presentable way at mine Blog Here is the original issue. I am getting this error: detailed message sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.…

Read More
https connection using CURL from command line

I am new to Curl and Cacerts world and facing a problem while connecting to a server. Basically, I need to test connectivity over https from one machine to another machine. I have a URL to which I need to …

Read More