Mbed TLS is now part of TrustedFirmware.org.

Minor version mismatch

Mar 16, 2018 21:23
Frank Exoo

Dear all,

I am very new to this topic, hope someone can help me out.

I am using version 2.7.0 on an ESP8266 in combination with the nodemcu (Lua) firmware. On one website the applications fails with: Minor version mismatch This is where the mismatch is being detected:

TLS<2> (heap=18376): ssl_tls.c:2429 <= fetch input
TLS<4> (heap=18376): ssl_tls.c:3513 dumping 'input record header' (5 bytes)
TLS<4> (heap=18376): ssl_tls.c:3513 0000:  15 03 04 00 02
TLS<3> (heap=18376): ssl_tls.c:3522 input record: msgtype = 21, version = [3:4], msglen = 2
TLS<1> (heap=18376): ssl_tls.c:3552 minor version mismatch

This suggests TLS 1.3? At the start of the communication however, the maximum version is set to TLS 1.2:

TLS<2> (heap=18376): ssl_cli.c:730 => write client hello
TLS<3> (heap=18376): ssl_cli.c:768 client hello, max version: [3:3]

Using ssllabs to inspect the website in question also shows the maximum version is TLS 1.2.

So, can anyone help me figuring out how to resolve this version mismatch?

Mar 25, 2018 12:25
Ron Eldor

Hi Frank,
I have answered your other post.
Please create one post per question next time.
Mbed TLS Team member