Reputation: 5941
Let's say my side as a client supports TLS 1.0, 1.1 and 1.2. The remote site supports TLS 1.0 and 1.1. Both sides support the same ciphers.
My questions:
1 - To my understanding I will always initiate the communication using the highest TLS version I have available. In that case, how will I ever be able to connect with the other side?
2 - The following is a Wireshark CLIENT HELLO capture between a client and a server described as above.
TLSv1.1 Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 172
    Handshake Protocol: Client Hello
        Handshake Type: Client Hello (1)
        Length: 168
        Version: TLS 1.2 (0x0303)
        Random
        Session ID Length: 0
        Cipher Suites Length: 52
        Cipher Suites (26 suites)
        Compression Methods Length: 1
        Compression Methods (1 method)
        Extensions Length: 75
        Extension: server_name
        Extension: elliptic_curves
        Extension: ec_point_formats
        Extension: signature_algorithms
        Extension: SessionTicket TLS
        Extension: renegotiation_info
This connection attempt ultimately yields a "Could not create SSL/TLS secure channel". I suspect this has something to do with what is described as "TLSv1.1 Record Layer" and "Version: TLS 1.2 (0x0303)". Could this be the reason the connection is failing?
Upvotes: 0
Views: 14870
Reputation: 81
Guessing you have an older version of Wireshark, since it reports TLSv1.1, but in the subsequent packet both the Record and the ClientHello clearly indicate TLSv1.2. Save your capture, upgrade Wireshark and then re-load the capture.
UPDATE: It's important to ensure your SSL/TLS handshake is COMPLETE; otherwise, for some reason, Wireshark will report an incorrect TLS protocol version in the "protocol" field.
Upvotes: 1
Reputation: 555
There are two TLS versions sent with a Client Hello message. The first is the record layer version, which describes the version of TLS that you are using to communicate. The second version is the Client Hello value, which indicates the maximum version supported by the client.
I see three TLS versions in your Wireshark capture. I think the reference to version 1.1 in "TLSv1.1 Record Layer: Handshake Protocol: Client Hello" is wrong, though.
It appears that your client is sending a Client Hello with version 1.2 indicated within a record layer version of 1.2. The server, as it does not support version 1.2, rejects at the record layer. To get around this, the client could send a version 1.2 Client Hello within a version 1.0 record. This would allow the server to communicate, using version 1.0, that it supports version 1.1, and subsequent communication would use version 1.1.
Upvotes: 0
Reputation: 123320
The client starts the handshake with a ClientHello where it shows the best version it supports, i.e. TLS 1.2 in this case. The server then replies with a ServerHello with the best version the server supports which is equal to or less than the version the client offered (i.e. TLS 1.1 in your case). If the client is not willing to accept this version (i.e. client configured to only support TLS 1.2 and nothing less) it will close the connection.
Upvotes: 2
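The negotiation the last two answers describe (two version fields in the ClientHello, then ServerHello picking the highest common version and the client accepting or closing), as an added worked example that is not part of the question or any of the answers. It is a self-contained Python model with no network I/O: it serializes a minimal ClientHello record, parses the record-layer and handshake-layer versions back out the way Wireshark labels them, and then simulates the server's choice and the client's decision. Assumptions: the two cipher suite codes 0x002F and 0x0035 are just sample values, the all-zero random is a placeholder for determinism, and the client puts TLS 1.0 in the record layer while advertising 1.2 in the hello, which RFC 5246 Appendix E.1 permits (servers must accept any {3,XX} record version on a ClientHello). Function names are this example's own.

```python
"""
Toy model of the TLS 1.0-1.2 version handshake (RFC 5246 section 7.4.1.2 and
Appendix E.1), constructed for illustration: build a ClientHello record, parse
its two version fields, let a server choose ServerHello.server_version, and let
the client accept or reject that choice. All bytes are built in memory.
"""
import struct

VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
HANDSHAKE, CLIENT_HELLO = 22, 1


def build_client_hello(client_version, record_version, cipher_suites,
                       random_bytes=bytes(32)):
    """Serialize a minimal ClientHello inside one TLS record.

    record_version goes into TLSPlaintext.version; client_version goes into
    ClientHello.client_version (the highest version the client supports).
    The all-zero random is only for deterministic output in this example; a
    real client must use 32 fresh random bytes.
    """
    body = struct.pack("!BB", *client_version) + random_bytes
    body += b"\x00"                                   # session_id length = 0
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body += struct.pack("!H", len(suites)) + suites   # cipher_suites vector
    body += b"\x01\x00"                               # one method: null compression
    body += b"\x00\x00"                               # empty extensions vector
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BBBH", HANDSHAKE, *record_version, len(handshake)) + handshake


def parse_client_hello(record):
    """Return (record_version, client_version, cipher_suites) from a raw record.

    These are the two 'Version:' lines Wireshark shows: one under the record
    layer and one under the 'Handshake Protocol: Client Hello' subtree.
    """
    ctype, rmaj, rmin, rlen = struct.unpack("!BBBH", record[:5])
    if ctype != HANDSHAKE:
        raise ValueError("not a handshake record")
    hs = record[5:5 + rlen]
    if len(hs) != rlen or hs[0] != CLIENT_HELLO:
        raise ValueError("truncated record or not a ClientHello")
    hlen = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hlen]
    if len(body) != hlen:
        raise ValueError("truncated handshake body")
    client_version = (body[0], body[1])
    pos = 2 + 32                                      # skip client_version + random
    pos += 1 + body[pos]                              # skip session_id
    suites_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[pos + i:pos + i + 2])[0]
              for i in range(0, suites_len, 2)]
    return (rmaj, rmin), client_version, suites


def describe(record):
    """Render the two version fields in a Wireshark-like tree (list of lines)."""
    rec_v, hello_v, suites = parse_client_hello(record)
    return [
        f"{VERSIONS[rec_v]} Record Layer: Handshake Protocol: Client Hello",
        f"    Version: {VERSIONS[rec_v]} (0x{rec_v[0]:02x}{rec_v[1]:02x})",
        "    Handshake Protocol: Client Hello",
        f"        Version: {VERSIONS[hello_v]} (0x{hello_v[0]:02x}{hello_v[1]:02x})",
        f"        Cipher Suites ({len(suites)} suites)",
    ]


def server_select_version(client_version, server_min, server_max):
    """ServerHello.server_version: the highest server version <= the client's
    offer, or None (the server would send a protocol_version alert)."""
    chosen = min(client_version, server_max)
    return chosen if chosen >= server_min else None


def negotiate(client_min, client_max, server_min, server_max):
    """Run the exchange; return the agreed version name or the failure reason."""
    # Appendix E.1: servers MUST accept any {3,XX} record version on the
    # ClientHello, so a 1.2 client may carry it in a 1.0 record.
    hello = build_client_hello(client_max, record_version=(3, 1),
                               cipher_suites=[0x002F, 0x0035])
    _, offered, _ = parse_client_hello(hello)
    chosen = server_select_version(offered, server_min, server_max)
    if chosen is None:
        return "server alert: protocol_version"
    if not client_min <= chosen <= client_max:
        return (f"client closes: server chose {VERSIONS[chosen]}, "
                f"client minimum is {VERSIONS[client_min]}")
    return VERSIONS[chosen]


if __name__ == "__main__":
    for line in describe(build_client_hello((3, 3), (3, 1), [0x002F, 0x0035])):
        print(line)
    print(negotiate((3, 1), (3, 3), (3, 1), (3, 2)))  # the questioner's setup
    print(negotiate((3, 3), (3, 3), (3, 1), (3, 2)))  # client pinned to 1.2 only
```

With the questioner's setup (client 1.0-1.2, server 1.0-1.1) the model agrees on TLS 1.1; the "Could not create SSL/TLS secure channel" outcome only appears when the client's minimum is raised above what the server can offer, which is the case the last answer points at.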