Hi, sorry for deleting lastest posts, I have copied raw openssl output masking ambient names. Here is the output of openssl, on a Secure Tunnel ambient. It shows TLS v1.2:
sailpoint@sailpoint-va ~ $ openssl s_client -connect DELETED-sb.identitynow.com:443
CONNECTED(00000003)
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=1 C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com
verify return:1
---
Certificate chain
0 s:C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com
i:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256
v:NotBefore: Feb 16 00:00:00 2023 GMT; NotAfter: Feb 15 23:59:59 2024 GMT
1 s:C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: RSA-SHA256
v:NotBefore: Jan 27 12:48:08 2020 GMT; NotAfter: Dec 31 23:59:59 2024 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFNzCCBN2gAwIBAgIQCBQXFoP8rsZzNW2P6Tub2TAKBggqhkjOPQQDAjBKMQsw
CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX
Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjMwMjE2MDAwMDAwWhcNMjQwMjE1
MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEe
MBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZI
zj0DAQcDQgAEFGr/xDl76K29jAQuo943k7vsci+L7s+H/ZCTkIhYBtSDsRDBBCL2
22qdhRIpCH2A3D/LK+xvqL6UJYvP+HG+FaOCA3gwggN0MB8GA1UdIwQYMBaAFKXO
N+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTrON1GS5bIF60HbVYfi5ARQ7E6
dDA9BgNVHREENjA0ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CG3JvZG9iZW5zLXNi
LmlkZW50aXR5bm93LmNvbTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRp
Z2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcmwwN6A1oDOGMWh0dHA6
Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcmwwPgYD
VR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDov
L29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5k
aWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3J0MAwGA1UdEwEB/wQC
MAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iy
h0Z8vOzew1FIWUZxH7WbAAABhlwUlzsAAAQDAEcwRQIgCznE61YRlFDb1T5HjvKG
9F7EBecRwnJpz+B3s0ix/swCIQCICW7qcWA8ks58hlrMVGD9UTZnURdVQqlEqkRV
y9Wv8gB2AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABhlwUl18A
AAQDAEcwRQIgUTvtYO2qn+PhEL8ikMORK4PF1tBC7jiUXjLqYRjXEg0CIQCaGKzd
g2BWeiXA4jlLy01JtDwC40C5SEI0Faj+TbObYgB3AEiw42vapkc0D+VqAvqdMOsc
UgHLVt0sgdm7v6s52IRzAAABhlwUlycAAAQDAEgwRgIhANb9QDv1Bew/eltHx9jZ
QRZycFCYJHr0/wimspAWp5XRAiEAnEbSH4ui/4DhyF221IwtWJ/wt0Bq4H9NFgmb
Le8oJQ0wCgYIKoZIzj0EAwIDSAAwRQIgKglNAiOI7TwJyMbY9PqFlLQ2yLlryLOT
bngsVODMFk0CIQCx4/i/+4tNZdngn7AW9YZX+uqcUuyq8vGe39WGgH1UPw==
-----END CERTIFICATE-----
subject=C = US, ST = California, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com
issuer=C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2785 bytes and written 418 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-ECDSA-CHACHA20-POLY1305
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-CHACHA20-POLY1305
Session-ID: D7554B940E6413BA3F60BF37B6B944CC0031D28B078620AD8573ADFAE6EAFB9B
Session-ID-ctx:
Master-Key: _DELETED_
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 64800 (seconds)
TLS session ticket:
0000 - fa f1 4f 35 6f d8 f5 51-84 48 1b 79 53 83 e7 a0 ..O5o..Q.H.yS...
0010 - 6a 50 88 17 bb e4 6b 53-8b 9b 8a af c0 12 c0 93 jP....kS........
0020 - f1 d9 91 a9 bd 2b 73 65-db e1 56 4c a1 b2 f0 1b .....+se..VL....
0030 - ae 43 8d 83 06 99 a1 c8-7a 96 29 8f eb 9b 68 40 .C......z.)...h@
0040 - d6 0d 48 09 e0 75 7c 7f-b7 03 18 ec 21 55 39 bc ..H..u|.....!U9.
0050 - 31 c3 51 35 45 07 e1 da-81 eb 56 66 a7 b5 39 84 1.Q5E.....Vf..9.
0060 - c9 69 67 11 7d 85 13 d4-c5 07 f3 7c 5c 26 41 8b .ig.}......|\&A.
0070 - 58 d8 72 93 b6 88 04 bf-1e 42 f2 74 5d 6f cf 9c X.r......B.t]o..
0080 - 3a 83 9d db 0f dc 4f ee-e9 16 9b 86 2e fe a0 ed :.....O.........
0090 - 6c c3 e1 65 3d 62 ff d8-02 86 10 5e 2e 59 ba 3a l..e=b.....^.Y.:
00a0 - c6 17 2c 5f ae 1e f5 be-60 11 97 5b f5 97 ce 67 ..,_....`..[...g
00b0 - 9f ca a4 d5 aa 22 dd bf-c9 58 60 19 75 ac e0 79 ....."...X`.u..y
Start Time: 1694784327
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
closed