@server1:~$ gnutls-cli -p 443 server1.ca1.example
Resolving 'server1.ca1.example'...
Connecting to '127.0.0.1:443'...
- Ephemeral Diffie-Hellman parameters
 - Using prime: 1024 bits
 - Secret key: 1020 bits
 - Peer's public key: 1023 bits
- Certificate type: X.509
 - Got a certificate list of 2 certificates.
 - Certificate[0] info:
  - subject `C=US,O=TestCA1,OU=CA1,L=Someplace,ST=Somewhere,CN=server1.ca1.example', issuer `C=US,O=TestCA1,OU=CA1,L=USA,ST=Someplace,CN=testca1.ca1.example', RSA key 512 bits, signed using RSA-SHA, activated `2013-01-30 06:52:44 UTC', expires `2014-01-30 06:52:47 UTC', SHA-1 fingerprint `e43e0ae53626dfd8b29efecdcf7149164ee8ff21'
 - Certificate[1] info:
  - subject `C=US,O=TestCA1,OU=CA1,L=USA,ST=Someplace,CN=testca1.ca1.example', issuer `C=US,O=TestCA1,OU=CA1,L=USA,ST=Someplace,CN=testca1.ca1.example', RSA key 512 bits, signed using RSA-SHA, activated `2013-01-30 06:40:26 UTC', expires `2015-01-20 06:40:33 UTC', SHA-1 fingerprint `a2d7d1db1e9d9e3978ad4fa9b82793554e8157d3'
- The hostname in the certificate matches 'server1.ca1.example'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

- Simple Client Mode:

^C