How to debug SSL handshake using cURL?

I have used this command to troubleshoot client certificate negotiation:

openssl s_client -connect -prexit

The output will probably contain “Acceptable client certificate CA names” and a list of CA certificates from the server, or possibly “No client certificate CA names sent”, if the server doesn’t always require client certificates.

Leave a Comment