Enumerating TLS protocol versions and ciphers supported by the peer

Michael Wojcik Michael.Wojcik at microfocus.com
Mon Dec 6 14:36:08 UTC 2021

From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Dr. Matthias St. Pierre
Sent: Monday, 6 December, 2021 07:12

> today I learned that nmap has a nice feature to enumerate the protocol versions and cipher
> suites supported by the peer (see below).
> Is there a comparable elegant way to obtain the same results using the `openssl s_client`
> tool?

"Comparable elegant" is underspecified.

Perhaps try testssl.sh (https://testssl.sh/)? It has various options for reducing the number and types of tests it runs. We've used it for profiling internal TLS-enabled servers.

Michael Wojcik

More information about the openssl-users mailing list