The new networking layer in v15 does not use the '^' character to distinguish between the clear and encrypted modes. Instead, the application server always listens in clear and comminucates the very first data packet in clear.
If the Encrypted Client-Server Connections mode is enabled then the first packet is handled in clear and then an upgrade to TLS is triggered.
Because of this, command line openssl tools do not work for validating the encrypted connection as they did with v13 and v14. The only way to verify if a connectin is encrypted with the new network layer is to look at the network traffic with an appropriate tool such as Wireshark.