I'm attempting to test if a web server dies when SSL connections are "severed" at various points of the SSL handshake, etc.
I thought I saw a tool once that would "stress test" SSL connections by sending them various input, some truncated. Anybody heard of anything like that? No amount of googling seems to reveal anything more than "load tests" for web servers.
Popular TLS implementations have already served vast numbers of connections, some of which from people trying to break them. Patch testing procedures may be sufficient. First, let community testers and early adopters try it. Then, your test environments with typical workflows. Finally, an incremental rollout to production where possible will throw lots of traffic at it.
If your build does not receive as much attention, possibly you want to try and break it. Certainly, hunting for new issues would require more than passive use. Security.SE has experience in TLS specifically and denial of service in general.
Regarding tools, look for TLS oriented test suites and fuzzers. These do invalid or exotic things. For example, tomato42/tlsfuzzer. I have no specific experience with this, but it has a non-trivial number of features and can be run against any TLS server.
Here's another way to test a particular implementation: "badssl.com" e.g. you can request things like very.badssl.com, 1000-sans.badssl.com etc.
ref:https://github.com/crystal-lang/crystal/commit/039673d3d99b3defe3b0f2f8e3f2dd87ef29ccbc