TLS Version in Record Layer using OpenSSL 1.1.1
Michael.Lee2 at intusurg.com
Fri Jun 2 23:22:18 UTC 2023
Hello Matt Caswell:
Regarding your remark from https://mta.openssl.org/pipermail/openssl-users/2020-October/013081.html
Basically the record version is never greater than TLSv1.2. If we're in
an initial ClientHello (not a renegotiation or an HRR) and the max
version is > TLSv1.0 then the record version is fixed at TLSv1.0 for the
Do you know if this "fixed at TLSv1.0" restriction is relaxed with OpenSSL 3?
We have packets that are being blocked by firewall due to the TLS 1.0 signature.
We desperately need to change the Record Layer version to TLS 1.2 somehow.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users