[openssl-users] s_server -www -tls1_3: Firefox/Chrome not working

Benjamin Kaduk bkaduk at akamai.com
Wed Sep 12 14:20:38 UTC 2018


On Wed, Sep 12, 2018 at 03:50:17PM +0200, Klaus Keppler wrote:
> Hi,
> 
> when I create a TLS-1.3-only "web" server with s_server (from OpenSSL
> 1.1.1-release), Firefox/Chrome can't access it.
> According to all docs I've read so far, the TLS 1.3 implementations both
> from Firefox (62.x) and from Chrome (69.x) should be compatible so far.

You need to check that the browser is implementing the final RFC 8446 version
and not an earlier draft version -- two are incompatible by design
(and OpenSSL 1.1.1 implements the final RFC 8446 version).

IIUC, only Firefox nightly as of approximately today will support the final
RFC 8446 version; I haven't looked into Chrome yet.

-Ben


More information about the openssl-users mailing list