3 Ways to Check SSL Connection error

Table of Contents

SSL Connection error is the most common error between client and server.

SSL Connection error tells us that we are unable to make a secure connection with the server.

That’s to some extent it tells us what the issue is, but what makes it more difficult is that users don’t have an idea what exactly is causing to this happen.

In this article, we will cover how the SSL connection is established and how to check SSL Connection error in 3 ways.

How is SSL connection established?

  • The client sends a request to the server for a secure session. The server responds by sending its X.509 digital certificate to the client.
  • The client receives the server’s X.509 digital certificate.
  • The client authenticates the server, using a list of known certificate authorities.
  • The client generates a random symmetric key and encrypts it using the server’s public key.
  • The client and server now both know the symmetric key and can use the SSL encryption process to encrypt and decrypt the information contained in the client request and the server response.


Check SSL Connection from network side

We need to check the network connectivity between client and server first to make sure we can connect to remote server.

Now we collect 6 different ways for this task. We don’t need to install any package if we use the following two python commands.

  • Use nc command nc -zvw10 22
  • Use nmap command nmap -p 22
  • Use telnet command telnet 22
  • Use python telnet module
  • Use python socket module
  • Use curl command

check more info about this from here

6 ways to Check a remote port is open in Linux


Check SSL Certificate info on remote server

We can check SSL certificate from the following items.

  • The SSL certificate is not Installed properly
  • The SSL certificate has Expired
  • The SSL certificate chain order

Check SSL Certificate with OpenSSL

4 Ways to Check SSL Certificate Expiration date

Check SSL Certificate Chain with OpenSSL Examples


Check SSL handshake process between client and server

We have some commands to check the SSL handshake process.

From the command output, we can narrow down the cause of SSL/TLS connection issue and locate root cause.

curl is an open source tool available on Windows 10, Linux and Unix OS. It is a tool designed to transfer data and supports many protocols. HTTPS is one of them. It can also used to test TLS connection.

  •  Test connection with a given TLS version: curl -v https://google.com –tlsv1.1
  •  Test with a given CipherSuite and TLS version: curl -v https://google.com –ciphers ECDHE-ECDSA-CHACHA20-POLY1305 –tlsv1.1


openSSL is an open source tool and its s_client acts as SSL client to test SSL connection with a remote server. This is helpful to isolate the cause of client.

  • Test a particular TLS version:  openssl s_client -host google.com -port 443 -tls1_1
  • Test with a given ciphersuite:  openssl s_client -host google.com -port 443 -cipher ECDHE-RSA-AES256-GCM-SHA384


we can check more info about openssl s_client command here.

Openssl S_client Command Examples


Table of Contents

Share on facebook
Share on twitter
Share on linkedin

You might also like