
Web Server Rescue

Show TLS Protocol and Cipher

You need to see which TLS protocol and cipher the edge negotiates.

Command

openssl s_client -connect edge.test:443 -servername edge.test </dev/null 2>/dev/null | awk '/Protocol|Cipher|Verify return code/ {print}'

What changed

Nothing changes. The command performs a read-only TLS handshake and filters the negotiated details.

Danger

safe

When to use it

Use when old clients fail, scanners flag TLS settings, or you need a quick negotiation snapshot.

When not to use it

Do not treat one client handshake as a full TLS policy audit.

Undo or recovery

No undo needed because this command is read-only.

Expected output

Protocol, cipher, and verification result from the TLS handshake.

demo script

Disposable terminal steps

  1. openssl s_client -connect edge.test:443 -servername edge.test </dev/null 2>/dev/null | sed -n '1,8p'
  2. openssl s_client -connect edge.test:443 -servername edge.test </dev/null 2>/dev/null | awk '/Protocol|Cipher|Verify return code/ {print}'

simulated output

What it looks like

disposable vessel
::fixture-ready::
$ openssl s_client -connect edge.test:443 -servername edge.test </dev/null 2>/dev/null | sed -n '1,8p'
CONNECTED(00000003)
Protocol  : TLSv1.3
Cipher    : TLS_AES_256_GCM_SHA384
Verify return code: 0 (ok)
-----BEGIN CERTIFICATE-----
FIXTURE-edge
-----END CERTIFICATE-----
::exit-code::0
$ openssl s_client -connect edge.test:443 -servername edge.test </dev/null 2>/dev/null | awk '/Protocol|Cipher|Verify return code/ {print}'
Protocol  : TLSv1.3
Cipher    : TLS_AES_256_GCM_SHA384
Verify return code: 0 (ok)
::exit-code::0
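
An added example, not part of the original lesson: a shell function that turns the three filtered lines into one summary line and an exit status you can use in an incident script. The name tls_summary and the TLS 1.2 floor are assumptions of this example; it also reads the "New, <protocol>, Cipher is <cipher>" handshake line that s_client prints, in case the "Protocol  :" session line is absent.

```shell
#!/bin/sh
# Added example. tls_summary is a hypothetical helper, not an OpenSSL command.
# Reads `openssl s_client` output on stdin, prints one summary line, and
# returns non-zero unless the protocol is TLSv1.2/TLSv1.3 and verify code is 0
# (that floor is an assumption of this example; adjust it to your policy).
tls_summary() {
  awk '
    # Handshake line: "New, TLSv1.3, Cipher is <name>" (or "Reused, ...").
    # A failed handshake prints "(NONE)" in both positions.
    /^(New|Reused), / {
      split($0, f, ", ")
      proto = f[2]
      sub(/^Cipher is /, "", f[3]); cipher = f[3]
    }
    # Session block lines: "Protocol  : TLSv1.2", "Cipher    : <name>".
    /^[ \t]*Protocol[ \t]*:/ { sub(/^[^:]*:[ \t]*/, ""); proto = $0 }
    /^[ \t]*Cipher[ \t]*:/   { sub(/^[^:]*:[ \t]*/, ""); cipher = $0 }
    # "Verify return code: 0 (ok)" -> keep only the numeric code.
    /Verify return code:/ { sub(/^.*Verify return code:[ \t]*/, ""); verify = $1 }
    END {
      if (proto == "")  proto = "unknown"
      if (cipher == "") cipher = "unknown"
      if (verify == "") verify = "unknown"
      printf "proto=%s cipher=%s verify=%s\n", proto, cipher, verify
      ok = (proto == "TLSv1.2" || proto == "TLSv1.3") && verify == "0"
      exit (ok ? 0 : 1)
    }'
}

# Constructed sample (not captured from a real server): a TLS 1.3 transcript
# that has the handshake line but no "Protocol  :" session line.
tls_summary <<'EOF'
CONNECTED(00000003)
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Verify return code: 0 (ok)
EOF
```

Against the live edge, pipe the lesson's s_client command into tls_summary in place of the awk filter. The result still describes one client handshake, not the server's full TLS policy.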
