Amazon is sunsetting SSLv3 support soon, and I am trying to verify that boto is utilizing TLS. Is there a good way to verify this? Or is there a good test to show TLS utilization?
At a high-level, the client and the server will negotiate which one to support as part of the SSL/TLS handshake, the highest supported version of the protocol, both from the client and the server side, wins. If client supports the latest and greatest which is TLS 1.2 and the server supports it as well, they will decide to use TLS 1.2. You can sniff the traffic using Wireshark or other similar packet capture tools to determine if the encrypted traffic is using SSLv3 or TLS.