s_client will try to use the best protocol to talk to the remote server and report the negotiated version in its output. As mentioned earlier, the protocol version appears in the output twice; the line you want is the one that explicitly names the protocol:
Protocol : TLSv1.2
If you need to test support for specific protocol versions, you have two options. You can explicitly choose one protocol to test by supplying one of the per-version switches (e.g., -tls1_2 or -tls1_3). Naturally, each switch requires that the testing tool itself supports that protocol version. If you want to exclude a particular protocol from the testing, there is a family of switches that disable protocols (e.g., -no_tls1_2 for TLS 1.2). Sometimes that may be the better approach. Starting with OpenSSL 1.1.0, there are two new options, -min_protocol and -max_protocol, which control the minimum and maximum protocol version, respectively.
For example, here's the output you might get when testing a server that doesn't support a certain protocol version:
$ openssl s_client -connect www.example.com:443 -tls1_2
CONNECTED(00000003)
140455015261856:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1339231204
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
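Note that the failed run above still prints a "Protocol : TLSv1.2" line, so a script cannot rely on that line alone. The following added example (not from the book) classifies s_client output by checking for the error line and the empty cipher fields first; the sample outputs are constructed, and probe_version assumes an openssl binary on the path and a placeholder host.

```shell
#!/bin/sh
# Added example: decide whether an s_client run for a given protocol switch
# actually completed a handshake. Reads s_client output on stdin and prints
# "supported <version>" or "unsupported".
classify_s_client_output() {
    out=$(cat)
    # A failed handshake may still print "Protocol : TLSv1.2" in the
    # SSL-Session block, so look at the error line and cipher fields first.
    if printf '%s\n' "$out" | grep -q ':error:'; then
        echo unsupported
        return
    fi
    if printf '%s\n' "$out" | grep -qF 'Cipher is (NONE)'; then
        echo unsupported
        return
    fi
    proto=$(printf '%s\n' "$out" | sed -n 's/^ *Protocol *: *//p' | head -n 1)
    echo "supported ${proto:-unknown}"
}

# Probe one host for one version switch, e.g.:
#   probe_version www.example.com 443 -tls1_2   (hostname is a placeholder)
probe_version() {
    host=$1; port=$2; switch=$3
    # </dev/null closes stdin so s_client exits right after the handshake
    openssl s_client -connect "$host:$port" "$switch" </dev/null 2>&1 \
        | classify_s_client_output
}

# Constructed sample: the failed -tls1_2 run from the text, abbreviated
SAMPLE_FAIL='CONNECTED(00000003)
140455015261856:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
---
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000'

# Constructed sample: a successful TLS 1.2 handshake, abbreviated
SAMPLE_OK='CONNECTED(00000003)
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256'
```

Running the per-version switches through probe_version in a loop gives a quick support matrix for one host.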
Understanding whether a server supports SSL 2.0 may sometimes require more work, because this old and very insecure version of the SSL protocol uses a different handshake from the one used from SSL 3.0 onward. Although servers that support only SSL 2.0 should now be very rare, to check for this eventuality you'll need to submit a separate check using the switch that selects SSL 2.0 explicitly.
Another protocol difference is that SSL 2.0 servers are sometimes seen without any configured cipher suites. In that case, although SSL 2.0 is supported, technically speaking, any handshake attempts will still fail. You should treat this situation as misconfiguration.