• Registered: 2019-07-12
  • Posts: 3

Topic: TLS 1.3 errors (-326,-308) when connecting from browsers

Before WebSockets handshake on wolfSSL_accept, I get following errors on server side when connecting from browsers

1. Firefox:
WebSocket::accept() on wolfSSL_accept :-308 - error state on socket

2. Chrome:
WebSocket::accept() on wolfSSL_accept :-326 - record layer version error


Chrome version is: Version 75.0.3770.100 (Official Build) (64-bit)

Firefox version is: 67.0.4 (64-bit)

Is it something wrong with TLS 1.3 support in browsers?

wolfSSL TLS 1.2 works flawlessly with both browsers.

Please help.
Paul.

Share

  • Registered: 2019-07-12
  • Posts: 3

Re: TLS 1.3 errors (-326,-308) when connecting from browsers

Upgrading to 3.15.7 fixes the problem.

Share

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: TLS 1.3 errors (-326,-308) when connecting from browsers

HI pkLAppS,

Sorry for the delay in getting back on this, in 3.15.7 we fixed these three items with TLS 1.3:

Updates to internal code checking TLS 1.3 version with a connection
Removing unnecessary extended master secret from ServerHello if using TLS 1.3
Fix for TLS v1.3 HelloRetryRequest to be sent immediately and not grouped

One of those fixes likely resolved the issue you were seeing. As a note we always recommend using the latest release for the latest and greatest in security and features, we are currently on release 4.0.0 and in a release cycle so version 4.1.0 should be available for download on our website in the next week or two.

Warm Regards,

KH

Kaleb J. Himes's Website

Share