It’s been a while but I used a bunch of these tools continuously for years. I mostly always used sslyze, because it was very versatile and gave me the info I wanted, whether it was around ciphers, tickets, cert chain validations, etc. I think testssl.sh did almost or possibly everything I wanted, but not sure.

SSLyze also has a decent Python library.

The problem with it though is the license. I wanted to build it into some other tooling but the license held me back.

I ended up building my own tooling that did just what I needed and built an API around it.