gnutls test: http://pastebin.com/raw/kWNRTSr6
OpenSSL test:
[root@siemlr01 ~]# openssl s_client -connect XX:1443 -tls1_2
CONNECTED(00000003)
depth=1 C = XX, ST = XX, O = XX, CN = XXCA, emailAddress = XX@XX
verify return:1
depth=0 C = XX, ST = XX, L = XX, O = XX, CN = XX, emailAddress = XX@XX
verify return:1
140365432276896:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
Certificate chain
0 s:/C=XX/ST=XX/L=XX/O=XX/CN=XX/emailAddress=XX@XX
i:/C=XX/ST=XX/O=XX/CN=XXCA/emailAddress=XX@XX
1 s:/C=XX/ST=XX/O=XX/CN=XXCA/emailAddress=XX@XX
i:/C=XX/ST=XX/O=XX/CN=XXCA/emailAddress=XX@XX
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=/C=XXS/ST=XX/L=XX/O=XX/CNXX/emailAddress=XX@XX
issuer=/C=XX/ST=XX/O=XX/CN=XXCA/emailAddress=XX@XX
---
No client certificate CA names sent
Server Temp Key: ECDH, secp521r1, 521 bits
---
SSL handshake has read 2444 bytes and written 230 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1482917415
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
[root@siemlr01 ~]#