Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: handshake version shown as TLS1.0 even TLS1.2 set as minimum supported version in libcurl
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: nallasivan k via curl-users <curl-users_at_cool.haxx.se>
Date: Fri, 9 Oct 2020 11:10:49 +0530
Hi Rich Gray,
Thanks for the quick reply. but if i test with other https client
libraries, i could not see 1.0 in TLS Record Header specifier.
so in this case, can the same be set through libcurl or am i missing
something to configure?
Thanks
Shiva
On Thu, Oct 8, 2020 at 4:31 AM Rich Gray via curl-users <
curl-users_at_cool.haxx.se> wrote:
> nallasivan k via curl-users wrote:
> > Hi,
>
> > curl_easy_setopt(m_pSession, CURLOPT_SSLVERSION,
> CURL_SSLVERSION_TLSv1_2);
> >
> > usign the above API , I set TLS1.2 as minimum supported TLS version, but
> > still i could see the Handshake version shown in tLS1.0 .
> >
> > Kindly help me to resolve this issue.
> >
> > Thanks
> > Nallasivan.k
> >
>
> I don't think there is an issue if https://tls.ulfheim.net/ is to
> believed.
> Drill down into the Client Hello and you'll see that TLS 1.0 is used as
> a
> Record Header format specifier which hasn't changed for later TLS
> versions.
> The real 1.2 indicator follows in Client Version.
>
> It notes that the source (of what?) has the following comment:
>
> // Some TLS servers fail if the record version is
> // greater than TLS 1.0 for the initial ClientHello.
>
> - Rich
>
> -----------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
>
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-10-09
Date: Fri, 9 Oct 2020 11:10:49 +0530
Hi Rich Gray,
Thanks for the quick reply. but if i test with other https client
libraries, i could not see 1.0 in TLS Record Header specifier.
so in this case, can the same be set through libcurl or am i missing
something to configure?
Thanks
Shiva
On Thu, Oct 8, 2020 at 4:31 AM Rich Gray via curl-users <
curl-users_at_cool.haxx.se> wrote:
> nallasivan k via curl-users wrote:
> > Hi,
>
> > curl_easy_setopt(m_pSession, CURLOPT_SSLVERSION,
> CURL_SSLVERSION_TLSv1_2);
> >
> > usign the above API , I set TLS1.2 as minimum supported TLS version, but
> > still i could see the Handshake version shown in tLS1.0 .
> >
> > Kindly help me to resolve this issue.
> >
> > Thanks
> > Nallasivan.k
> >
>
> I don't think there is an issue if https://tls.ulfheim.net/ is to
> believed.
> Drill down into the Client Hello and you'll see that TLS 1.0 is used as
> a
> Record Header format specifier which hasn't changed for later TLS
> versions.
> The real 1.2 indicator follows in Client Version.
>
> It notes that the source (of what?) has the following comment:
>
> // Some TLS servers fail if the record version is
> // greater than TLS 1.0 for the initial ClientHello.
>
> - Rich
>
> -----------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
>
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-10-09