I'm working on a TLS client that needs to be upgraded to use TLS 1.3 on Windows-11. Has anyone successfully implemented TLS 1.3 using SChannel APIs?
As per Microsoft below link TLS 1.3 is supported in win-11 & server-2022
Protocols in TLS/SSL (Schannel SSP) - Win32 apps | Microsoft Docs[
^]
below code snip added for TLS1.3 :
#define SECURITY_PROTOCOL_TLSV13 0x00
securityInfo->bySecurityProtocol = SECURITY_PROTOCOL_TLSV13;
sChannelCred->grbitEnabledProtocols =SP_PROT_TLS1_3_CLIENT;
status = pMyFunTab->**AcquireCredentialsHandleA**(NULL, UNISP_NAME_A, SECPKG_CRED_OUTBOUND, NULL, &sChannelCred, NULL, NULL, phCred, &ts);
Return status = SEC_E_ALGORITHM_MISMATCH(0x80090331)
error details: Secure connection failed. An error occurred while trying to connect to the host, error code 0x80090331. The client and server cannot communicate, because they do not possess a common algorithm.
api link :
AcquireCredentialsHandleA function (sspi.h) - Win32 apps | Microsoft Docs[
^]
acquirecredentialshandle--schannel.md[
^]
What I have tried:
Tried the below change to fix the same:
Windows version tested with: windows 11 21h2 os build 22000.434
Registry Change: as suggested below link: how to enable TLS 1.3 in windows 10
Any suggestion or a small sample of C++ code snipped is well appreciated, as well as any advice which may help me to understand what is wrong with the client.
Thank you
Regards: Ajay Jaiswal
Submit an article or tip