Hi I found a Xojo dev with this same problem back in May where you send a TLS1.2 handshake request and you get a TLS1.0 failure message. Our Cloudflare instance works fine with curl using TLS1.2.
Any thoughts on this and especially if you were the author above on the cloudflare issue?
What did you do to solve this? I am using wireshark and it confirms this issue still.
You might wanna check their docs. It clearly states they only support http1.1 and later…
Connections from Cloudflare’s Edge to your origin server(s) only support HTTP/1.1. HTTP/2 and HTTP/3 accelerate page load and are free for all Cloudflare plans. HTTP/2 is enabled by default and requires an SSL certificate at Cloudflare’s edge network. Configure HTTP/2 and HTTP/3 via the Cloudflare Network app.
@DerkJ thanks but – I already have been through their docs (I control the CloudFlare instance) – CURL works with it via TLS1.2 --> I use TLS1.2 with HTTPSecureSocket a ton with other APIs we write to. (I even tried the SSLv23 type and still gets a 102).
Yeah i know, but do you actually believe there will be support for legacy encryption? Or even legacy sockets? Maybe best to ask which route Xojo will go in this. There is nothing about ciphers used in the xojo docs…
@Mike_Cotrone You really shouldn’t be using HTTPSecureSocket these days. You will be bitten in the future. If you migrate now, your customers will be supported for much longer and you won’t be rushing to issue an update when it happens. Even now Apple is starting to require HTTP/2 for some requests. Don’t expect HTTP/1.0 to carry you for much longer. One or two years, I’d guess.
Cipher suites do match up. Unless I’m mistaken, the handshake should be using TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256.
Are we sure SSLSocket supports SNI? I think it does, but I’m not seeing any other potential reason for the failure.