Checking two-way authentication SSL/TLS handshake

I work on a REST API client that needs to connect to an SSL/TSL server using two-way authentication. That is, the client also needs to authenticate itself against the server with the client SSL certificate. It turns out you can quickly check if the SSL handshake can be established with this handy openssl diagnostics command:

$ openssl s_client -connect -cert client_cert.pem

where is the server, and client_cert.pem is the client certificate.

In case of SSL handshake failure, the command will show an error, for example:

4306587116:error:1401E0E5:SSL routines:CONNECT_CR_FINISHED:ssl handshake failure

In case the handshake succeeds & the connection is established, the command will be waiting for input, which will be sent to the server.

Some more posts I have found useful about this topic:


If you need help with building the tech products get in touch.