stackoom
  简体   繁体   中英

Node.js says it's using tls1.2 when minVersion set to 1.3 and connecting with a client using 1.3

 原文  2020-01-23 14:19:18       node.js/ ssl/ tls1.3

Question

I'm using HttpClient of .net core with with:

    clientHandler.ClientCertificates.Add(cert);
    _clientHandler.ServerCertificateCustomValidationCallback=VerifyServerCertificate;
    _clientHandler.ClientCertificateOptions = ClientCertificateOption.Manual;
    _clientHandler.SslProtocols= SslProtocols.Tls13;
    HttpClient Client = new HttpClient(_clientHandler);

on the node side (I have node version v12.8.0) I set the server options like this:


    var options = {
      key: fs.readFileSync('server-key.pem'),
      cert: fs.readFileSync('server-crt.pem'),
      ca: fs.readFileSync(config.ca),
      requestCert: true,
      rejectUnauthorized: true,
      enableTrace: true,
      minVersion: 'TLSv1.3',
      maxVersion: 'TLSv1.3'
    };

here's the tls trace:

   Received Record
Header:
  Version = TLS 1.0 (0x301)
  Content Type = Handshake (22)
  Length = 223
    ClientHello, Length=219
      client_version=0x303 (TLS 1.2)
      Random:
        gmt_unix_time=0xEEC5687E
        random_bytes (len=28): 24761EF6E5B5B89F5333E9BCF87A28E55A4B598DDB0848049                                                                                                             A66DA26
      session_id (len=0):
      cipher_suites (len=56)
        {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
        {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
        {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
        {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
        {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
        {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
        {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
        {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
        {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
        {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
        {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
        {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA
        {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
        {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384
        {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
        {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
        {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
        {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA
        {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA
        {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
      compression_methods (len=1)
        No Compression (0x00)
      extensions, length = 122
        extension_type=server_name(0), length=30
          0000 - 00 1c 00 00 19 74 65 73-74 2e 61 72 74 69 73   .....test.artis
          000f - 61 6e 6d 65 64 69 63 61-6c 2e 63 6f 2e 69 6c   anmedical.co.il
        extension_type=ec_point_formats(11), length=4
          uncompressed (0)
          ansiX962_compressed_prime (1)
          ansiX962_compressed_char2 (2)
        extension_type=supported_groups(10), length=10
          ecdh_x25519 (29)
          secp256r1 (P-256) (23)
          secp521r1 (P-521) (25)
          secp384r1 (P-384) (24)
        extension_type=signature_algorithms(13), length=32
          rsa_pkcs1_sha512 (0x0601)
          dsa_sha512 (0x0602)
          ecdsa_secp521r1_sha512 (0x0603)
          rsa_pkcs1_sha384 (0x0501)
          dsa_sha384 (0x0502)
          ecdsa_secp384r1_sha384 (0x0503)
          rsa_pkcs1_sha256 (0x0401)
          dsa_sha256 (0x0402)
          ecdsa_secp256r1_sha256 (0x0403)
          rsa_pkcs1_sha224 (0x0301)
          dsa_sha224 (0x0302)
          ecdsa_sha224 (0x0303)
          rsa_pkcs1_sha1 (0x0201)
          dsa_sha1 (0x0202)
          ecdsa_sha1 (0x0203)
        extension_type=next_proto_neg(13172), length=0
        extension_type=application_layer_protocol_negotiation(16), length=14
          h2
          http/1.1
        extension_type=encrypt_then_mac(22), length=0
        extension_type=extended_master_secret(23), length=0

Sent Record
Header:
  Version = TLS 1.2 (0x303)
  Content Type = Alert (21)
  Length = 2
    Level=fatal(2), description=protocol version(70)

The error on the c# side is: The client and server cannot communicate, because they do not possess a common algorithm.

Why is node using tls1.2 when I set the minVersion to 1.3?

1 answers

solution1
 3 ACCPTED  2020-01-26 11:09:07

According to .NET Core 3 documentation ( https://docs.microsoft.com/en-us/dotnet/core/whats-new/dotnet-core-3-0 ), TLS 1.3 is not yet supported in Windows or macOS (only Linux, with OpenSSL v1.1.1 or above).

If the client was using TLS 1.3 then it should say so in the 7th line of the trace. Your NodeJS server is behaving properly. It's the one rejecting the connection because the client is actually trying to connect using TLS 1.2.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question node.js client with TLS1.2 support node js tls1.2 and authentication Force TLS1.2 while using Node 12 node.js mqtt client using TLS LTI 1.3 Integration Node.js How to create HTTPS server with TLS 1.3 in Node.js v11 Debugging TLS Client connection using node.js Connecting two Meteor 1.3 applications using DDP Is it possible to write node JS code in meteor 1.3 client side? throw err when connecting to mongodb in VM using node.js
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM