IE11 on Win7 handshake_failure

JuergenAuer · October 2, 2020, 12:34pm

Ah, thanks, checked, good to know.

But your setup can't work:

That's

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp521r1 (eq. 15360 bits RSA) FS	128
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp521r1 (eq. 15360 bits RSA) FS	256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) ECDH secp521r1 (eq. 15360 bits RSA) FS	256

too limited. Windows doesn't support GCM with RSA and no Chacha20. So there is no matching Cipher suite.

Yes, you have to use the deprecated CBC, so you will have a Grade B.

Topic		Replies	Views
Troubleshooting Internet Explorer handshake failures Help	7	3853	September 27, 2018
Server sent fatal alert: handshake_failure Help	4	1326	December 3, 2021
2 Problems with my certificate Help	27	3297	May 16, 2020
Safari on iOS8 and IE11 couldn't connect to website Help	4	19321	April 7, 2020
iOS / Safari handshake failure Help	18	4693	November 27, 2020