https://devzone.nordicsemi.com/f/nordic-q-a/76550/tls-1-3-sslHello! I need little help in setting up mBed TLS 1.3 socket.. I am using the https_client, how do I configure the project Regardsen-USTelligent Community 13Tue, 22 Jun 2021 10:11:14 GMThttps://devzone.nordicsemi.com/thread/316432?ContentTypeID=1Tue, 22 Jun 2021 10:11:14 GMT137ad170-7792-4731-bb38-c0d22fbe4515:38312824-a052-4dc7-b23d-28add1412530H&#229;kon Alseth<p>Glad to hear that the issue was solved!</p> <p>&nbsp;</p> <p>Cheers,</p> <p>Håkon</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/316305?ContentTypeID=1Mon, 21 Jun 2021 14:26:57 GMT137ad170-7792-4731-bb38-c0d22fbe4515:c96dffe0-efbd-4861-ba72-1c24bd44795cyashchabria<p>You are correct , my root CA was incorrect setup your example seems to work&nbsp;</p> <p>Thanks</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/316297?ContentTypeID=1Mon, 21 Jun 2021 14:01:01 GMT137ad170-7792-4731-bb38-c0d22fbe4515:7be3a5b7-25b5-4d28-b42d-a19d57875577H&#229;kon Alseth<p>Hi,</p> <p>&nbsp;</p> <p>My apologies, the nrf socket api will return not supported if you try to passthrough a tls v1.3 prototype.</p> <p>Please also note that mbedtls does not support tls1v3:</p> <p><a href="https://tls.mbed.org/tech-updates/blog/working-towards-mbed-tls-3">https://tls.mbed.org/tech-updates/blog/working-towards-mbed-tls-3</a></p> <p>&nbsp;&nbsp;</p> [quote user="yashchabria"]<p>I need to interface to an API that has CA based on TLS 1.3(GlobalSign-RootCA-R3); I tried using the TLS1.2 https_client sample, with GlobaSign-RootCA -R2&nbsp; but no luck</p> <p></p> <p>I have 3 options</p> <p>1) mbedtls</p> <p>2)wolfSSL</p> <p>3) nrf_ *socket api</p>[/quote] <p>&nbsp;You sure you need TLS v1.3 to finish this request? It sounds like there&#39;s a problem with the Root CA, and not the tls version.</p> <p>If you try setting this specific variable to &quot;NONE&quot;, which will disable&nbsp;hostname&nbsp;verification?</p> <p>(note: disable this&nbsp;<strong>purely for testing</strong> <strong>purposes</strong>)<strong>&nbsp;</strong></p> <p><a href="https://github.com/nrfconnect/sdk-nrf/blob/master/samples/nrf9160/https_client/src/main.c#L122">https://github.com/nrfconnect/sdk-nrf/blob/master/samples/nrf9160/https_client/src/main.c#L122</a></p> <p>&nbsp;</p> <p>Kind regards,</p> <p>Håkon</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/316248?ContentTypeID=1Mon, 21 Jun 2021 11:30:47 GMT137ad170-7792-4731-bb38-c0d22fbe4515:298487e9-71d4-44d3-bd6f-cc32f0c0b1b5yashchabria<p>Thanks, I saw the net_ip.h header file, however there is mention of I can use mbedtls, when I configure mbedtls, I get&nbsp;&nbsp;<span>undefined reference to `mbedtls_net_connect&#39;</span></p> <p>I need to interface to an API that has CA based on TLS 1.3(GlobalSign-RootCA-R3); I tried using the TLS1.2 https_client sample, with GlobaSign-RootCA -R2&nbsp; but no luck</p> <p></p> <p>I have 3 options</p> <p>1) mbedtls</p> <p>2)wolfSSL</p> <p>3) nrf_ *socket api</p> <p></p> <p>Please can you help me with mbedtls&nbsp;</p> <p></p> <p>Regards</p> <p>Yash</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/316173?ContentTypeID=1Mon, 21 Jun 2021 07:41:09 GMT137ad170-7792-4731-bb38-c0d22fbe4515:082ba26f-bdce-4f1b-81d0-4c9c1f670382H&#229;kon Alseth<p>Hi,</p> <p>&nbsp;</p> <p>The networking api in zephyr does not have support for tls v1.3:</p> <p><a href="https://github.com/nrfconnect/sdk-zephyr/blob/master/include/net/net_ip.h#L75-L81">https://github.com/nrfconnect/sdk-zephyr/blob/master/include/net/net_ip.h#L75-L81</a></p> <p>&nbsp;</p> <p>However, if you use the nrf_* socket api directly, you can setup a socket with tls v1.3:</p> <p><a href="https://github.com/nrfconnect/sdk-nrfxlib/blob/v1.5.1/nrf_modem/include/nrf_socket.h#L120">https://github.com/nrfconnect/sdk-nrfxlib/blob/v1.5.1/nrf_modem/include/nrf_socket.h#L120</a></p> <p>&nbsp;</p> <p>Is there anything specific you want to do?&nbsp;</p> <p>&nbsp;</p> <p>Kind regards,</p> <p>Håkon</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/316153?ContentTypeID=1Mon, 21 Jun 2021 04:44:54 GMT137ad170-7792-4731-bb38-c0d22fbe4515:c430799e-da77-4a19-a1f5-a345c6311825yashchabria<p>I cannot find&nbsp;<span>mbedtls_net_connect function</span></p> <p>nrf9160ns\Debug/../../../src/main.c:81: undefined reference to `mbedtls_net_connect&#39;</p><div style="clear:both;"></div>