Hello,
after update to Version 4.4.0.0 from 3.9.3.0
TLS “Server Hello”-Message was changed.
The same:
Cipher Suite
TLS protokol version
xmpp.socket.ssl.client.ciphersuites Parameter
Changed:
Signature Hash Algorithms
Distinguished Names
Version 3.9.3.0
Handshake Protocol: Client Hello
Cipher Suites (5 suites)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Signature Hash Algorithms (2 algorithms)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
Handshake Protocol: Server Hello
Version: TLS 1.2 (0x0303)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Signature Hash Algorithms (12 algorithms)
Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: SHA224 ECDSA (0x0303)
Signature Algorithm: SHA224 RSA (0x0301)
Signature Algorithm: ecdsa_sha1 (0x0203)
Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
Signature Algorithm: SHA1 DSA (0x0202)
Signature Algorithm: MD5 RSA (0x0101)
Distinguished Names Length: 0
Version 4.4.0.0
Handshake Protocol: Client Hello
Cipher Suites (5 suites)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Signature Hash Algorithms (2 algorithms)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
Handshake Protocol: Server Hello
Version: TLS 1.2 (0x0303)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Signature Hash Algorithms (10 algorithms)
Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: SHA256 DSA (0x0402)
Signature Algorithm: ecdsa_sha1 (0x0203)
Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
Signature Algorithm: SHA1 DSA (0x0202)
Distinguished Names Length: 4514
-> here send server device sub-certificates, that installed on the server.
can I fix it?
thank you