Dear MbedTLS maintainers,
we are already using MBedTLS, however, we recently enabled TLS 1.3 and
found that our certificates doesn't work anymore, because they are
brainpoolP256r1 (https://datatracker.ietf.org/doc/html/rfc8734). So the
question would be, if I missed any configuration to enable the usage of
brainpool curves (which are working for TLS 1.2) or if there are any
plans, that these are getting supported by MBedTLS 3.6.x?
Best regards,
Maren Konrad
Hi
We migrated from mbedtls 2.28 to mbedtls 3.6.2
https://github.com/Mbed-TLS/mbedtls/tree/107ea89daaefb9867ea9121002fbbdf926…
and
we see TLS handshake fails when we use TLS 1.2 in mbedtls 3.6.2 instead of
1.3.
We get below error
20E094B0FFFF0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof
while reading:/usr/src/debug/openssl/3.1.0-r0/ssl/record/rec_layer_s3.c:303:
# openssl s_client -connect 192.168.142.1:7001 -no_tls1_3 fails
After seeing the trace we have enabled ciphers but still we see the issue.
please advise, thanks.
Thanks
Kavitha
Hi Mbed TLS users,
We have released Mbed TLS versions 3.6.4.
These releases of Mbed TLS address several security issues, provide bug fixes, and bring other minor changes. Full details are available in the release notes (https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.4).
We recommend all users to consider whether they are impacted, and to upgrade appropriately.
