Tags: openssl, debian, freeswitch

Is openssl wrongly rejecting this session request?


I have OpenSSL 1.1.1n on a Debian11 server, configured to use MinProtocol = TLSv1.2

When the server receives a ClientHello as below:

TLSv1.2 Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 142
    Handshake Protocol: Client Hello
        Handshake Type: Client Hello (1)
        Length: 138
        Version: TLS 1.2 (0x0303)

with the Record Layer Version set to TLSv1 but the Handshake Version set to TLSv1.2, it rejects it with a Protocol Version alert and closes the connection, whereas according to https://datatracker.ietf.org/doc/html/rfc5246#appendix-E this looks like accepted behavior and should not be rejected.

Is openssl breaching the RFC here, or am I missing a configuration parameter that I can adjust to fix this?

On the other hand, when I decrease the MinProtocol to TLSv1, the server accepts the ClientHello and responds with a TLSv1 Handshake, which causes the entire session to be over TLSv1 and is not accepted by the other party.
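To make the two version fields in the capture above concrete, here is an added Python example (not from the question, and not OpenSSL's own code) that builds a constructed ClientHello with the same split as the capture (0x0301 in the record layer, 0x0303 in the handshake), parses both headers, and applies the RFC 5246 Appendix E.1 rule that a server compares its floor against the handshake client_version while accepting any {3,XX} record-layer version on a ClientHello. The cipher suite and random bytes are constructed placeholders; the `min_protocol` argument is a hypothetical stand-in for an OpenSSL MinProtocol setting.

```python
import struct

# Protocol version words as they appear on the wire.
VERSIONS = {0x0301: "TLSv1", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2"}
HANDSHAKE = 22
CLIENT_HELLO = 1


def build_client_hello(record_version: int, client_version: int) -> bytes:
    """Constructed minimal ClientHello (one cipher suite, no extensions).

    The two version arguments are deliberately independent so the same split
    as the capture in the question (0x0301 record / 0x0303 handshake) can be
    reproduced; the random bytes are a fixed constructed pattern."""
    body = struct.pack(">H", client_version)
    body += b"\x11" * 32                          # ClientHello.random (constructed)
    body += b"\x00"                               # session_id length 0
    body += struct.pack(">H", 2) + b"\xc0\x2f"    # one cipher suite (constructed choice)
    body += b"\x01\x00"                           # compression_methods: null only
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + struct.pack(">HH", record_version, len(hs)) + hs


def parse_client_hello(rec: bytes) -> dict:
    """Pull the record-layer version and the handshake client_version apart."""
    ctype, rec_version, rec_len = struct.unpack(">BHH", rec[:5])
    if ctype != HANDSHAKE or rec_len != len(rec) - 5:
        raise ValueError("not a complete Handshake record")
    hs_type = rec[5]
    hs_len = int.from_bytes(rec[6:9], "big")
    if hs_type != CLIENT_HELLO or hs_len != rec_len - 4:
        raise ValueError("not a complete ClientHello")
    (client_version,) = struct.unpack(">H", rec[9:11])
    return {"record_version": rec_version, "client_version": client_version}


def acceptable_under_min(rec: bytes, min_protocol: int) -> bool:
    """RFC 5246 Appendix E.1: the record-layer version of a ClientHello may be
    any {3,XX}; what the server compares against its floor is client_version."""
    v = parse_client_hello(rec)
    return (v["record_version"] >> 8) == 3 and v["client_version"] >= min_protocol


if __name__ == "__main__":
    hello = build_client_hello(0x0301, 0x0303)   # same split as the capture
    v = parse_client_hello(hello)
    print("record layer:", VERSIONS[v["record_version"]],
          "handshake:", VERSIONS[v["client_version"]])
    print("ok with MinProtocol = TLSv1.2:", acceptable_under_min(hello, 0x0303))
```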


Solution

  • I have found out that setting both MinProtocol and MaxProtocol as below:

    MinProtocol = TLSv1
    MaxProtocol = TLSv1.2
    

    fixes both issues.