Microsoft recently announced TLSv1.3 support for Windows Server 1903 here. I'm trying to test it out using IIS10 but having issues - has anyone else attempted to get this working?
To enable TLSv1.3, I created SCHANNEL registry keys and rebooted the server. After the reboot, IIS seems unable to negotiate the session.
CURL output:
curl -vvvv https://192.168.1.15 * Rebuilt URL to: https://192.168.1.15/ * Trying 192.168.1.15... * TCP_NODELAY set * Connected to 192.168.1.15 (192.168.1.15) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (OUT), TLS alert, Server hello (2): * error:1417106E:SSL routines:tls_process_server_hello:bad extension * stopped the pause stream! * Closing connection 0 curl: (35) error:1417106E:SSL routines:tls_process_server_hello:bad extension
Systeminfo:
Host Name: WIN-K0U7F6LQGT1 OS Name: Microsoft Windows Server Standard OS Version: 10.0.18362 N/A Build 18362 OS Manufacturer: Microsoft Corporation OS Configuration: Standalone Server OS Build Type: Multiprocessor Free Registered Owner: Windows User Registered Organization: Product ID: 00431-30000-00000-AA825 Original Install Date: 4/25/2020, 5:47:59 PM System Boot Time: 4/27/2020, 6:45:13 PM System Manufacturer: VMware, Inc. System Model: VMware7,1 System Type: x64-based PC Processor(s): 2 Processor(s) Installed. [01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2600 Mhz [02]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2600 Mhz BIOS Version: VMware, Inc. VMW71.00V.9694812.B64.1808210100, 8/21/2018 Windows Directory: C:\Windows System Directory: C:\Windows\system32 Boot Device: \Device\HarddiskVolume2 System Locale: en-us;English (United States) Input Locale: en-us;English (United States) Time Zone: (UTC-08:00) Pacific Time (US & Canada) Total Physical Memory: 8,191 MB Available Physical Memory: 7,320 MB Virtual Memory: Max Size: 10,111 MB Virtual Memory: Available: 9,345 MB Virtual Memory: In Use: 766 MB Page File Location(s): C:\pagefile.sys Domain: WORKGROUP Logon Server: N/A Hotfix(s): 4 Hotfix(s) Installed. [01]: KB4532938 [02]: KB4513661 [03]: KB4528759 [04]: KB4528760 Network Card(s): 1 NIC(s) Installed. [01]: Intel(R) 82574L Gigabit Network Connection Connection Name: Ethernet0 DHCP Enabled: Yes DHCP Server: 192.168.1.1 IP address(es) [01]: 192.168.1.15 [02]: fe80::a825:948e:6374:f681 Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed