Node.js says it's using tls1.2 when minVersion set to 1.3 and connecting with a client using 1.3

Question

I'm using HttpClient of .net core with with:

    clientHandler.ClientCertificates.Add(cert);
    _clientHandler.ServerCertificateCustomValidationCallback=VerifyServerCertificate;
    _clientHandler.ClientCertificateOptions = ClientCertificateOption.Manual;
    _clientHandler.SslProtocols= SslProtocols.Tls13;
    HttpClient Client = new HttpClient(_clientHandler);

on the node side (I have node version v12.8.0) I set the server options like this:

    var options = {
      key: fs.readFileSync('server-key.pem'),
      cert: fs.readFileSync('server-crt.pem'),
      ca: fs.readFileSync(config.ca),
      requestCert: true,
      rejectUnauthorized: true,
      enableTrace: true,
      minVersion: 'TLSv1.3',
      maxVersion: 'TLSv1.3'
    };

here's the tls trace:

   Received Record
Header:
  Version = TLS 1.0 (0x301)
  Content Type = Handshake (22)
  Length = 223
    ClientHello, Length=219
      client_version=0x303 (TLS 1.2)
      Random:
        gmt_unix_time=0xEEC5687E
        random_bytes (len=28): 24761EF6E5B5B89F5333E9BCF87A28E55A4B598DDB0848049                                                                                                             A66DA26
      session_id (len=0):
      cipher_suites (len=56)
        {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
        {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
        {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
        {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
        {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
        {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
        {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
        {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
        {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
        {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
        {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
        {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA
        {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
        {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384
        {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
        {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
        {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
        {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA
        {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
      compression_methods (len=1)
        No Compression (0x00)
      extensions, length = 122
        extension_type=server_name(0), length=30
          0000 - 00 1c 00 00 19 74 65 73-74 2e 61 72 74 69 73   .....test.artis
          000f - 61 6e 6d 65 64 69 63 61-6c 2e 63 6f 2e 69 6c   anmedical.co.il
        extension_type=ec_point_formats(11), length=4
          uncompressed (0)
          ansiX962_compressed_prime (1)
          ansiX962_compressed_char2 (2)
        extension_type=supported_groups(10), length=10
          ecdh_x25519 (29)
          secp256r1 (P-256) (23)
          secp521r1 (P-521) (25)
          secp384r1 (P-384) (24)
        extension_type=signature_algorithms(13), length=32
          rsa_pkcs1_sha512 (0x0601)
          dsa_sha512 (0x0602)
          ecdsa_secp521r1_sha512 (0x0603)
          rsa_pkcs1_sha384 (0x0501)
          dsa_sha384 (0x0502)
          ecdsa_secp384r1_sha384 (0x0503)
          rsa_pkcs1_sha256 (0x0401)
          dsa_sha256 (0x0402)
          ecdsa_secp256r1_sha256 (0x0403)
          rsa_pkcs1_sha224 (0x0301)
          dsa_sha224 (0x0302)
          ecdsa_sha224 (0x0303)
          rsa_pkcs1_sha1 (0x0201)
          dsa_sha1 (0x0202)
          ecdsa_sha1 (0x0203)
        extension_type=next_proto_neg(13172), length=0
        extension_type=application_layer_protocol_negotiation(16), length=14
          h2
          http/1.1
        extension_type=encrypt_then_mac(22), length=0
        extension_type=extended_master_secret(23), length=0

Sent Record
Header:
  Version = TLS 1.2 (0x303)
  Content Type = Alert (21)
  Length = 2
    Level=fatal(2), description=protocol version(70)

The error on the c# side is: The client and server cannot communicate, because they do not possess a common algorithm.

Why is node using tls1.2 when I set the minVersion to 1.3?

Answer 1

According to .NET Core 3 documentation (https://learn.microsoft.com/en-us/dotnet/core/whats-new/dotnet-core-3-0), TLS 1.3 is not yet supported in Windows or macOS (only Linux, with OpenSSL v1.1.1 or above).

If the client was using TLS 1.3 then it should say so in the 7th line of the trace. Your NodeJS server is behaving properly. It's the one rejecting the connection because the client is actually trying to connect using TLS 1.2.