TLS Version in Record Layer using OpenSSL 1.1.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Matt Caswell:

 

Regarding your remark from https://mta.openssl.org/pipermail/openssl-users/2020-October/013081.html

Basically the record version is never greater than TLSv1.2. If we're in

an initial ClientHello (not a renegotiation or an HRR) and the max

version is > TLSv1.0 then the record version is fixed at TLSv1.0 for the

ClientHello record.

 

Do you know if this “fixed at TLSv1.0” restriction is relaxed with OpenSSL 3? 

We have packets that are being blocked by firewall due to the TLS 1.0 signature.

We desperately need to change the Record Layer version to TLS 1.2 somehow.

 

Thanks!
-Mike Lee

 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux