<![CDATA[wolfSSL - Embedded SSL Library — TLS1.3 ciphersuite question]]> https://www.wolfssl.com/forums/topic2107-tls13-ciphersuite-question.html Mon, 22 Apr 2024 22:39:35 +0000 PunBB <![CDATA[Re: TLS1.3 ciphersuite question]]> https://www.wolfssl.com/forums/post7599.html#p7599 Thanks Kareem,
I'll try this and let you know if I still have problems.
cheers,
Simon

]]> Mon, 22 Apr 2024 22:39:35 +0000 https://www.wolfssl.com/forums/post7599.html#p7599 <![CDATA[Re: TLS1.3 ciphersuite question]]> https://www.wolfssl.com/forums/post7598.html#p7598 Hi Simon,

It looks like you have a support contract on file with us, please contact us at support [AT] wolfssl [DOT] com so we can prioritize your support.

Thanks,
Kareem

]]> Mon, 22 Apr 2024 20:47:39 +0000 https://www.wolfssl.com/forums/post7598.html#p7598 <![CDATA[Re: TLS1.3 ciphersuite question]]> https://www.wolfssl.com/forums/post7597.html#p7597 Hi Simon,

To remove support for our AES CCM cipher suites, build wolfSSL with HAVE_AESCCM not defined.  If you are using configure, you can use the argument --disable-aesccm to disable this.

Thanks,
Kareem

]]> Mon, 22 Apr 2024 20:41:14 +0000 https://www.wolfssl.com/forums/post7597.html#p7597 <![CDATA[TLS1.3 ciphersuite question]]> https://www.wolfssl.com/forums/post7596.html#p7596 Hi,
We are using wolfSSL 5.7.0 to create a TLS 1.3 server.  After initialising the server I then add a single cipher suite (TLS_AES_128_GCM_SHA256) using SSL_CTX_set_ciphersuites.

When I query the server using NMAP I see that two cipher suites are reported:

| ssl-enum-ciphers:
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_AKE_WITH_AES_128_CCM_8_SHA256 (secp256r1) - A

How do I get rid of the CCM_8 cipher suite - while still retaining support for TLS_AES_128_GCN_SHA256 and TLS_AES_256_GCN_SHA384?

thanks,
Simon

]]> Mon, 22 Apr 2024 05:02:55 +0000 https://www.wolfssl.com/forums/post7596.html#p7596