Forum » Support and Bug Reports »

FTP explicit TLS connection problem with some minimal TLS versions

Advertisement

vankom
Guest

FTP explicit TLS connection problem with some minimal TLS versions

winscp632 (win10): default setting for explicit TLS is Minimal version TLS 1.2 (test3)
test1: min version TLS 1.0, wireshark reports Client Hello TLSv12 connection OK
test2: min version TLS 1.1, wireshark reports Client Hello TLSv12 connection OK
test3: min version TLS 1.2, wireshark reports Client Hello TLSv1, Server closed connection (no shared ciphers)
test4: min version TLS 1.3, wireshark reports Client Hello TLSv1, Server closed conenction (no shared ciphers)
Could you explain, why wireshark reports Client Hello TLSv1, when I ser TLS 1.2/1.3 ?

Reply with quote

Advertisement

vankom
Guest

winscp5.21.8portable (win10):
test1: min version TLS 1.0, wireshark reports Client Hello TLSv12, connection OK
test2: min version TLS 1.1, wireshark reports Client Hello TLSv12, connection OK
test3: min version TLS 1.2, wireshark reports Client Hello TLSv12, connection OK
test4: min version TLS 1.3, wireshark reports Client Hello TLSv1, Server closed conenction (no shared ciphers)

Reply with quote

vankom
Guest

FTP explicit TLS connection problem with some minimal TLS versions

I think thist part of setting-vs-using need rework. Also missing default value in RAW options is confused (if you setup non-default value, then configuration options is in config). Developers, please, take a look at this.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
40,587
Location:
Prague, Czechia

Re: FTP explicit TLS connection problem with some minimal TLS versions

I'm sorry, but I do not understand your last post. Can you please try again? Can you describe step-by-step what are you doing and how did it go wrong?

Reply with quote

Advertisement

martin
Site Admin
martin avatar

Re: FTP explicit TLS connection problem with some minimal TLS versions

Of course that I've looked at them. But I still do not understand it. Please explain.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
40,587
Location:
Prague, Czechia

Re: FTP explicit TLS connection problem with some minimal TLS versions

Please attach a full session log file showing the problem (using the latest version of WinSCP).

To generate the session log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

vankom
Guest

FTP explicit TLS connection problem with some minimal TLS versions

Test logs (version TLSmin-TLSmax)
WinSCP Version 5.21.8 TLSv1.2-TLSv1.2.log working
WinSCP Version 6.1.2 TLSv1.2-TLSv1.2.log working
WinSCP Version 6.2 beta TLSv1.2-TLSv1.2.log error
WinSCP Version 6.3.3 TLSv1.2-TLSv1.2.log error
WinSCP Version 6.3.3 TLSv1.1-TLSv1.2.log working
I found that problem is since version 6.2 beta.
If I compare log 6.1.2 TLSv1.2-TLSv1.2 and 6.3.3 TLSv1.1-TLSv1.2 they look identical.
Why is 6.3.3 TLSv1.2-TLSv1.2 not working?

Reply with quote

Advertisement

You can post new topics in this forum

Documentation

Support

Associations

Follow Us