badssl.com

Today I discovered badssl.com, a very useful website to test various exceptional TLS/SSL cases. E.g., I tested what will happen if client supports TLS 1.3 only while server supports TLS 1.2 only:

# openssl s_client -connect tls-v1-2.badssl.com:1012 -tls1_3
CONNECTED(00000005)
01000000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1584:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 253 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---