TLS Issues

Hello,

Needing some assistance. I am getting no compatible cipher suite available between tls end endpoints when customer calls our API. I have disabled TLS 1.3 still the same error. I also tried setting the SSL/TSL to flexible and off but that did not help either.

Please advise

What’s the URL?

api.vagustracker.com

I ran the Qualys test, and it’s the same cyphers as I get back for my website.

Disabling 1.3 won’t make a difference, as that’s just more to choose from. Do you know which TLS version the client uses? It’d be nice to know which cypher suites the client has available.

They use TLS 1.0, 1.1 and 1.2. Should i enable TLS 1.3 back?

This is what the client uses

10 *ECDHE_ECDSA_AES_128_GCM_SHA256
20 *ECDHE_ECDSA_AES_256_GCM_SHA384
30 *ECDHE_RSA_AES_128_GCM_SHA256
40 *ECDHE_RSA_AES_256_GCM_SHA384

I’m no cypher expert, but I assume those all start with TLS. However, all the AES cyphers I see listed say …WITH_AES. None of your say WITH.

Well the minimum is set to 1.0 default so it should work regardless of TLS 1.3 being enabled or not.

That’s why i dont understand why are we getting cipher issues.

Any other ideas?

This topic was automatically closed after 30 days. New replies are no longer allowed.