Recently I observed a case where TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 was set at the client side (SCU), but the ClientHello message listed the following cipher suites:
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
A similar case was not observed when I ran the SCU from a host machine and tested using the dcm4che test applications.
On analysis, one possible cause that we came across was related to TLSv1.3 support.
When using OpenSSL, there is a possible issue scenario where TLSv1.3 could be negotiated even if we set only TLSv1.2 cipher suites.
To do away with this, one suggested solution is to call the OpenSSL API SSL_CTX_set_max_proto_version() to disable TLSv1.3.
Does DCMTK have support to limit the supported TLS version?
Regards,
Amal
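
The ClientHello described in the post can be reproduced offline. The following is an added example, not part of the original post and not DCMTK code: it uses Python's ssl module (a wrapper around OpenSSL, assumed to be 1.1.1 or later) to write a ClientHello into a memory buffer and list the offered suites, first with only the TLS 1.2 cipher list set and then with the maximum protocol version capped. The host name pacs.example and the helper names are constructed for illustration.

```python
import ssl
import struct

# IANA code points for the suites named in the post, plus the renegotiation SCSV
SUITE_NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
}

def client_hello_suites(ctx):
    """Start a handshake into memory BIOs and return the offered suite code points."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # "pacs.example" is a constructed host name; nothing is sent on the network
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname="pacs.example")
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the ClientHello is written and there is no peer to answer
    data = outgoing.read()
    if data[0] != 0x16 or data[5] != 0x01:
        raise ValueError("first record is not a ClientHello")
    # record header (5) + handshake header (4) + legacy_version (2) + random (32)
    pos = 5 + 4 + 2 + 32
    pos += 1 + data[pos]  # skip legacy_session_id
    (length,) = struct.unpack_from("!H", data, pos)
    pos += 2
    return [c for (c,) in struct.iter_unpack("!H", data[pos:pos + length])]

def offered(max_version=None):
    """Return the suite names a client offers with one TLS 1.2 suite configured."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # The cipher list only governs TLS 1.2 and below; OpenSSL keeps a
    # separate default list of TLS 1.3 suites.
    ctx.set_ciphers("ECDHE-RSA-AES128-GCM-SHA256")
    if max_version is not None:
        # Python's interface to SSL_CTX_set_max_proto_version()
        ctx.maximum_version = max_version
    return [SUITE_NAMES.get(c, hex(c)) for c in client_hello_suites(ctx)]

if __name__ == "__main__":
    print("cipher list only :", offered())
    print("capped at TLS 1.2:", offered(ssl.TLSVersion.TLSv1_2))
```

In C, the same cap is SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION); the TLS 1.3 suite list itself is configured separately through SSL_CTX_set_ciphersuites().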