**Problem**

I noticed that when a letsencrypt issued certificate is installed on IIS, Windows XP clients (e.g. IE, wininet, winhttp using schannel) are unable to connect. I would like to emphasis that this does not just affect Windows XP users using IE but any application on Windows XP / Windows 2003 which uses Schannel (WinInet, WinHTTP, etc).

**Analysis**

SSL Labs: SSL Report: the following ciphers are offered:

letsencrypt certificate:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH 256 bits (eq. 3072 bits RSA) FS 256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH 256 bits (eq. 3072 bits RSA) FS 128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA) FS 256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA) FS 128

Only ciphers with FS are offered.

When a certificate issued from any other CA is used, the ciphers are as following:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH 256 bits (eq. 3072 bits RSA) FS 256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH 256 bits (eq. 3072 bits RSA) FS 128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA) FS 256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA) FS 128

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 256

TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 128

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 256

TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 128

TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112

Notice that ciphers without FS are offered.

**Cause**

The problem is not with the lack of support of SNI on Windows XP but with the certificate policy. The working certificates allow the following purposes:

Ensures the identity of a remote computer

Proves your identity to a remote computer

1.3.6.1.4.1.36305.6.1.2.2.1

letsencrypt certificate purpose:

Ensures the identity of a remote computer

2.23.140.1.2.1

1.3.6.1.4.1.44947.1.1.1

You will notice that the â€śProves your identity to a remote computerâ€ť purpose is absent, supposedly blocked by the certificate chain for the letsencrypt issued certificate. As a result IIS will disable all non PF ciphers.

**Solution**

The issued certificate allows the â€śProves your identity to a remote computerâ€ť enhanced key usage, however it seems that a certificate in the chain does block this purpose. Are there any plans to fix this?