I need clarification on what is the best way to check which SSL version I have running on my Linux RHEL 5.3 Server
When i use the sslscan tool ie sslscan --no-failed myserver:444 i get an output below(snippets)
[root@myserver]# sslscan --no-failed myserver:444
___ ___| |___ ___ __ _ _ __
/ __/ __| / __|/ __/ _` | '_ \
\__ \__ \ \__ \ (_| (_| | | | |
Copyright Ian Ventura-Whiting 2009
Testing SSL server myserver on port 444
When i run openssl command below it gives me a different (conflicting) SSL version ie SSLv3/TLS1
[root@myserver]# openssl s_client -connect myserver:444
New, TLSv1/SSLv3, Cipher is AES256-SHA
This has left me a bit confused, for instance on myserver as sslcan tool says certificate version is 0 but openssl says certificate is SSLv3 /TLS1 .....
Which is which? someone please help
Does SSL shows the certificate version rather than the the SSl version number.? Grey area for me someone please shed some light.
Your help would be greatly appreciated.