hello,everyone!
Environmental description:
client :Postman for Mac version 10.20.0
server:nginx version: nginx/1.18.0 (Ubuntu)
built with OpenSSL 3.0.2 15 Mar 2022 (nginx.conf → ssl_protocols TLSv1.3 and ssl_prefer_server_ciphers on;)
Brief description of the problem and ideas:
I tried to use postman to send a get request for https, and postman reported an error.。SSL Error: Certificate has expired .
But my certificate has just been issued, and the web can be accessed normally,
so I used wireshark to grab the package and analyze the tls handshake process of the postman and the server.
I know that in the general settings of postman, turn off SSL certificate verification to send https normally,
but this is not what I want.
I imported the ca.cer of the requested domain name into postman to Certificates.
I want to know why postman sent to client hello does not support tls1.3.
Wireshark’s packet capture data
The tls handshake protocol part of the client
The tls handshake protocol part of the server
What should I do if I want to use tls1.3?