Update: after I disabled aes-gcm the server selected TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) and the connection succeeded (disabling aes-gcm also disabled the available ciphers with SHA384 so it's not clear whether that was the culprit or not). So things are working again but still not sure what the interop problem was, thanks for the help ... N Nou Dadoun Senior Firmware Developer, Security Specialist