curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Problem adding TLS 1.3 support on curl - schannel on Windows 21H2 preview

From: Gilles Vollant via curl-library <>
Date: Thu, 29 Apr 2021 09:45:43 +0200


I have installed Windows 2022 preview (same base than future Windows 10


With this version, software that call wininet download use TLS 1.3

Internet explorer 11 (after checking TLS 1.3 in options) also uses TLS 1.3 website tell TLS_AES_256_GCM_SHA384 cipher is used,
both by internet explorer or a wininet download.


I tried add support of TLS 1.3 on curl schannel, by adding constant
SP_PROT_TLS1_3_CLIENT from current Windows SDK

But when I run

curl --tlsv1.3


I got error:

schannel: AcquireCredentialsHandle failed: SEC_E_ALGORITHM_MISMATCH
(0x80090331) - The client and server cannot communicate, because they do not
possess a common algorithm.



Any idea?



Gilles Vollant


Received on 2021-04-29