UPDATE/FOUND ISSUE:
After checking and checking I found it had to do with our OpenSLL module being 0.9.x (….oh man) which does not support TLSv1 and why my test failed but SSL Labs passed. So I have a couple of under the hood issues to fix here.
I can see why this post can be deemed off topic so do as you will đ
I am testing the update that Salesforce will be making in March given this document https://help.salesforce.com/articleView?id=000221207&type=1. I am using the SOAP API to connect and on my local machine I can connect to https://tls1test.salesforce.com/services/Soap/u/34.0
(via updating the WSDL) but on our production machine I cannot.
I verified that TLSv1.1 is being used on our server and even went so far as disabling TLSv1 all together to no avail. The error message is very vague so I have run out of ideas as to why the connection is failing on our production machine (LE/AMP stack) but works locally for me (LAMP stack).
Fault Code = "HTTP" and Error message is "Could not connect to host"
I am going to ask one of our SF Admins to enable this on one of our sandboxes but I do not think it will give me a different outcome.
To help you prepare for the Salesforce disabling TLS 1.0 beginning in June 2016, we are providing a new Critical Update Console (CRUC) setting, "Require TLS 1.1 or higher for HTTPS connections", for you to test the disablement of TLS 1.0 for your sandbox and production org prior to the Salesforce TLS 1.0 disablement schedule
Please let me know if I can provide further information!
UPDATE: Tried to connect from production via wget command
-bash-3.2$ wget https://tls1test.salesforce.com/services/Soap/u/34.0
--2017-01-25 16:25:45-- https://tls1test.salesforce.com/services/Soap/u/34.0
Resolving tls1test.salesforce.com... 136.146.30.119
Connecting to tls1test.salesforce.com|136.146.30.119|:443... connected.
OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Unable to establish SSL connection.
-bash-3.2$
SSLv3 is disabled on the server
Best Answer
Per your comment (now an edit to your question) above seem you are using SSL 3
Salesforce has disabled SSL 3 11/12-2014 (POODLE Vulnerability):
https://help.salesforce.com/articleView?id=Salesforce-disabling-SSL-3-0-encryption&l_1=&type=1
Sister site related question with similar characteristics:
https://unix.stackexchange.com/questions/192944/how-to-fix-curl-sslv3-alert-handshake-failure
(this is the extent of my knowledge level on curl/unix/gobblygook to be able to help so if this is not it I am not your guy lol)