summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2016-10-21 18:39:33 +0200
committerMatt Caswell <matt@openssl.org>2016-11-02 14:08:21 +0100
commit582a17d662d123eafbb70c9eaaa140a2559b7cdb (patch)
treedbdc271e94609b3095b676a93bac0f242692a1e9
parentTEST_check macro: don't end with semi (diff)
downloadopenssl-582a17d662d123eafbb70c9eaaa140a2559b7cdb.tar.xz
openssl-582a17d662d123eafbb70c9eaaa140a2559b7cdb.zip
Add the SSL_METHOD for TLSv1.3 and all other base changes required
Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: Rich Salz <rsalz@openssl.org>
-rw-r--r--apps/apps.h6
-rw-r--r--apps/ciphers.c8
-rw-r--r--apps/s_cb.c2
-rw-r--r--apps/s_client.c11
-rw-r--r--apps/s_server.c11
-rw-r--r--doc/man1/ciphers.pod6
-rw-r--r--doc/man1/s_client.pod4
-rw-r--r--doc/man1/s_server.pod6
-rw-r--r--doc/man3/SSL_CONF_cmd.pod11
-rw-r--r--doc/man3/SSL_CTX_new.pod12
-rw-r--r--doc/man3/SSL_CTX_set_min_proto_version.pod4
-rw-r--r--doc/man3/SSL_CTX_set_options.pod4
-rw-r--r--include/openssl/ssl.h3
-rw-r--r--include/openssl/tls1.h13
-rw-r--r--ssl/methods.c18
-rw-r--r--ssl/s3_lib.c15
-rw-r--r--ssl/ssl_conf.c4
-rw-r--r--ssl/ssl_lib.c4
-rw-r--r--ssl/ssl_locl.h4
-rw-r--r--ssl/ssl_sess.c3
-rw-r--r--ssl/statem/statem_lib.c9
-rw-r--r--ssl/t1_lib.c20
-rw-r--r--ssl/t1_trce.c2
-rw-r--r--test/cipherlist_test.c6
-rw-r--r--test/recipes/80-test_ssl_old.t30
-rw-r--r--test/ssl-tests/02-protocol-version.conf11195
-rw-r--r--test/ssl-tests/10-resumption.conf1436
-rw-r--r--test/ssl-tests/13-fragmentation.conf6
-rw-r--r--test/ssl-tests/13-fragmentation.conf.in6
-rw-r--r--test/ssl-tests/14-curves.conf29
-rw-r--r--test/ssl-tests/14-curves.conf.in4
-rw-r--r--test/ssl-tests/protocol_version.pm22
-rw-r--r--test/ssl_test_ctx.c1
-rw-r--r--test/ssltest_old.c24
-rw-r--r--util/TLSProxy/Proxy.pm4
35 files changed, 11486 insertions, 1457 deletions
diff --git a/apps/apps.h b/apps/apps.h
index 9dc473767e..d9f7c08e94 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -210,7 +210,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
# define OPT_S_ENUM \
OPT_S__FIRST=3000, \
OPT_S_NOSSL3, OPT_S_NOTLS1, OPT_S_NOTLS1_1, OPT_S_NOTLS1_2, \
- OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
+ OPT_S_NOTLS1_3, OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \
OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_STRICT, OPT_S_SIGALGS, \
OPT_S_CLIENTSIGALGS, OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \
@@ -222,6 +222,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
{"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \
{"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \
{"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \
+ {"no_tls1_3", OPT_S_NOTLS1_3, '-', "Just disable TLSv1.3"}, \
{"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \
{"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \
{"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \
@@ -259,6 +260,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
case OPT_S_NOTLS1: \
case OPT_S_NOTLS1_1: \
case OPT_S_NOTLS1_2: \
+ case OPT_S_NOTLS1_3: \
case OPT_S_BUGS: \
case OPT_S_NO_COMP: \
case OPT_S_COMP: \
@@ -279,7 +281,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate,
#define IS_NO_PROT_FLAG(o) \
(o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
- || o == OPT_S_NOTLS1_2)
+ || o == OPT_S_NOTLS1_2 || o == OPT_S_NOTLS1_3)
/*
* Option parsing.
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 7b99757d7b..531bf8db23 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -21,6 +21,7 @@ typedef enum OPTION_choice {
OPT_TLS1,
OPT_TLS1_1,
OPT_TLS1_2,
+ OPT_TLS1_3,
OPT_PSK,
OPT_SRP,
OPT_V, OPT_UPPER_V, OPT_S
@@ -43,6 +44,9 @@ const OPTIONS ciphers_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "TLS1.2 mode"},
#endif
+#ifndef OPENSSL_NO_TLS1_3
+ {"tls1_3", OPT_TLS1_3, '-', "TLS1.3 mode"},
+#endif
#ifndef OPENSSL_NO_SSL_TRACE
{"stdname", OPT_STDNAME, '-', "Show standard cipher names"},
#endif
@@ -135,6 +139,10 @@ int ciphers_main(int argc, char **argv)
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
break;
+ case OPT_TLS1_3:
+ min_version = TLS1_3_VERSION;
+ max_version = TLS1_3_VERSION;
+ break;
case OPT_PSK:
#ifndef OPENSSL_NO_PSK
psk = 1;
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 9535f12690..c37b9a1cda 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -453,6 +453,7 @@ static STRINT_PAIR ssl_versions[] = {
{"TLS 1.0", TLS1_VERSION},
{"TLS 1.1", TLS1_1_VERSION},
{"TLS 1.2", TLS1_2_VERSION},
+ {"TLS 1.3", TLS1_3_VERSION},
{"DTLS 1.0", DTLS1_VERSION},
{"DTLS 1.0 (bad)", DTLS1_BAD_VER},
{NULL}
@@ -522,6 +523,7 @@ void msg_cb(int write_p, int version, int content_type, const void *buf,
version == TLS1_VERSION ||
version == TLS1_1_VERSION ||
version == TLS1_2_VERSION ||
+ version == TLS1_3_VERSION ||
version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
switch (content_type) {
case 20:
diff --git a/apps/s_client.c b/apps/s_client.c
index 55803e98dd..a407303a07 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -539,7 +539,7 @@ typedef enum OPTION_choice {
OPT_SRP_MOREGROUPS,
#endif
OPT_SSL3, OPT_SSL_CONFIG,
- OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
+ OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH,
OPT_VERIFYCAPATH,
@@ -680,6 +680,9 @@ const OPTIONS s_client_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "Just use TLSv1.2"},
#endif
+#ifndef OPENSSL_NO_TLS1_3
+ {"tls1_3", OPT_TLS1_3, '-', "Just use TLSv1.3"},
+#endif
#ifndef OPENSSL_NO_DTLS
{"dtls", OPT_DTLS, '-', "Use any version of DTLS"},
{"timeout", OPT_TIMEOUT, '-',
@@ -762,7 +765,7 @@ static const OPT_PAIR services[] = {
#define IS_PROT_FLAG(o) \
(o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
- || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
+ || o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
/* Free |*dest| and optionally set it to a copy of |source|. */
static void freeandcopy(char **dest, const char *source)
@@ -1156,6 +1159,10 @@ int s_client_main(int argc, char **argv)
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
break;
+ case OPT_TLS1_3:
+ min_version = TLS1_3_VERSION;
+ max_version = TLS1_3_VERSION;
+ break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
diff --git a/apps/s_server.c b/apps/s_server.c
index d32b9dffd5..24841c528e 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -669,7 +669,7 @@ typedef enum OPTION_choice {
OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE,
OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC,
OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF,
- OPT_SSL3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
+ OPT_SSL3, OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_LISTEN,
OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,
@@ -834,6 +834,9 @@ const OPTIONS s_server_options[] = {
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"},
#endif
+#ifndef OPENSSL_NO_TLS1_3
+ {"tls1_3", OPT_TLS1_3, '-', "just talk TLSv1.3"},
+#endif
#ifndef OPENSSL_NO_DTLS
{"dtls", OPT_DTLS, '-', "Use any DTLS version"},
{"timeout", OPT_TIMEOUT, '-', "Enable timeouts"},
@@ -868,7 +871,7 @@ const OPTIONS s_server_options[] = {
#define IS_PROT_FLAG(o) \
(o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
- || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
+ || o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
int s_server_main(int argc, char *argv[])
{
@@ -1321,6 +1324,10 @@ int s_server_main(int argc, char *argv[])
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
break;
+ case OPT_TLS1_3:
+ min_version = TLS1_3_VERSION;
+ max_version = TLS1_3_VERSION;
+ break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
diff --git a/doc/man1/ciphers.pod b/doc/man1/ciphers.pod
index c392077653..30f572139c 100644
--- a/doc/man1/ciphers.pod
+++ b/doc/man1/ciphers.pod
@@ -15,6 +15,7 @@ B<openssl> B<ciphers>
[B<-tls1>]
[B<-tls1_1>]
[B<-tls1_2>]
+[B<-tls1_3>]
[B<-s>]
[B<-psk>]
[B<-srp>]
@@ -69,6 +70,11 @@ L<SSL_CIPHER_description(3)>.
Like B<-v>, but include the official cipher suite values in hex.
+=item B<-tls1_3>
+
+In combination with the B<-s> option, list the ciphers which would be used if
+TLSv1.3 were negotiated.
+
=item B<-tls1_2>
In combination with the B<-s> option, list the ciphers which would be used if
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod
index 4a2a28021c..4f21ea4093 100644
--- a/doc/man1/s_client.pod
+++ b/doc/man1/s_client.pod
@@ -68,10 +68,12 @@ B<openssl> B<s_client>
[B<-tls1>]
[B<-tls1_1>]
[B<-tls1_2>]
+[B<-tls1_3>]
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-no_tls1_1>]
[B<-no_tls1_2>]
+[B<-no_tls1_3>]
[B<-dtls>]
[B<-dtls1>]
[B<-dtls1_2>]
@@ -336,7 +338,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
1a2b3c4d.
-=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
These options require or disable the use of the specified SSL or TLS protocols.
By default B<s_client> will negotiate the highest mutually supported protocol
diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod
index b0d7888730..b6c5659972 100644
--- a/doc/man1/s_server.pod
+++ b/doc/man1/s_server.pod
@@ -69,6 +69,9 @@ B<openssl> B<s_server>
[B<-quiet>]
[B<-ssl3>]
[B<-tls1>]
+[B<-tls1_1>]
+[B<-tls1_2>]
+[B<-tls1_3>]
[B<-dtls>]
[B<-dtls1>]
[B<-dtls1_2>]
@@ -81,6 +84,7 @@ B<openssl> B<s_server>
[B<-no_tls1>]
[B<-no_tls1_1>]
[B<-no_tls1_2>]
+[B<-no_tls1_3>]
[B<-no_dhe>]
[B<-bugs>]
[B<-comp>]
@@ -295,7 +299,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
given as a hexadecimal number without leading 0x, for example -psk
1a2b3c4d.
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
These options require or disable the use of the specified SSL or TLS protocols.
By default B<s_server> will negotiate the highest mutually supported protocol
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index d8c0e9b95d..60b80d39ee 100644
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -121,12 +121,13 @@ if specified.
To restrict the supported protocol versions use these commands rather
than the deprecated alternative commands below.
-=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
-Disables protocol support for SSLv3, TLSv1.0, TLSv1.1 or TLSv1.2 by setting the
-corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1>
-and B<SSL_OP_NO_TLSv1_2> respectively.
-These options are deprecated, instead use B<-min_protocol> and B<-max_protocol>.
+Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 by
+setting the corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>,
+B<SSL_OP_NO_TLSv1_1>, B<SSL_OP_NO_TLSv1_2> and B<SSL_OP_NO_TLSv1_3>
+respectively. These options are deprecated, instead use B<-min_protocol> and
+B<-max_protocol>.
=item B<-bugs>
diff --git a/doc/man3/SSL_CTX_new.pod b/doc/man3/SSL_CTX_new.pod
index 29387d343f..512fca8de0 100644
--- a/doc/man3/SSL_CTX_new.pod
+++ b/doc/man3/SSL_CTX_new.pod
@@ -156,12 +156,12 @@ and be able to negotiate with all possible clients, but to only
allow newer protocols like TLS 1.0, TLS 1.1 or TLS 1.2.
The list of protocols available can also be limited using the
-B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1> and
-B<SSL_OP_NO_TLSv1_2> options of the L<SSL_CTX_set_options(3)> or
-L<SSL_set_options(3)> functions, but this approach is not recommended.
-Clients should avoid creating "holes" in the set of protocols they support.
-When disabling a protocol, make sure that you also disable either all previous
-or all subsequent protocol versions.
+B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1>,
+B<SSL_OP_NO_TLSv1_3> and B<SSL_OP_NO_TLSv1_2> options of the
+L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions, but this approach
+is not recommended. Clients should avoid creating "holes" in the set of
+protocols they support. When disabling a protocol, make sure that you also
+disable either all previous or all subsequent protocol versions.
In clients, when a protocol version is disabled without disabling I<all>
previous protocol versions, the effect is to also disable all subsequent
protocol versions.
diff --git a/doc/man3/SSL_CTX_set_min_proto_version.pod b/doc/man3/SSL_CTX_set_min_proto_version.pod
index 3e9fe80b70..5996d48fe3 100644
--- a/doc/man3/SSL_CTX_set_min_proto_version.pod
+++ b/doc/man3/SSL_CTX_set_min_proto_version.pod
@@ -29,8 +29,8 @@ versions down to the lowest version, or up to the highest version
supported by the library, respectively.
Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>,
-B<TLS1_1_VERSION>, B<TLS1_2_VERSION> for TLS and B<DTLS1_VERSION>,
-B<DTLS1_2_VERSION> for DTLS.
+B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and
+B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS.
=head1 RETURN VALUES
diff --git a/doc/man3/SSL_CTX_set_options.pod b/doc/man3/SSL_CTX_set_options.pod
index 63609f3a31..921c812ef3 100644
--- a/doc/man3/SSL_CTX_set_options.pod
+++ b/doc/man3/SSL_CTX_set_options.pod
@@ -155,9 +155,9 @@ own preferences.
=item SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1,
-SSL_OP_NO_TLSv1_2, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2
+SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2
-These options turn off the SSLv3, TLSv1, TLSv1.1 or TLSv1.2 protocol
+These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol
versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS,
respectively.
As of OpenSSL 1.1.0, these options are deprecated, use
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 20013dbfe8..f0aa306133 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -343,12 +343,13 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
# define SSL_OP_NO_TLSv1 0x04000000U
# define SSL_OP_NO_TLSv1_2 0x08000000U
# define SSL_OP_NO_TLSv1_1 0x10000000U
+# define SSL_OP_NO_TLSv1_3 0x20000000U
# define SSL_OP_NO_DTLSv1 0x04000000U
# define SSL_OP_NO_DTLSv1_2 0x08000000U
# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
- SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
+ SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3)
# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index 23e382cdd3..3f7e749c69 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -65,7 +65,8 @@ extern "C" {
# define TLS1_VERSION 0x0301
# define TLS1_1_VERSION 0x0302
# define TLS1_2_VERSION 0x0303
-# define TLS_MAX_VERSION TLS1_2_VERSION
+# define TLS1_3_VERSION 0x0304
+# define TLS_MAX_VERSION TLS1_3_VERSION
/* Special value for method supporting multiple versions */
# define TLS_ANY_VERSION 0x10000
@@ -599,6 +600,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
+/* TLS v1.3 ciphersuites */
+# define TLS1_3_CK_AES_128_GCM_SHA256 0x03000D01
+
/*
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
@@ -868,6 +872,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
+/* TLSv1.3 ciphersuites */
+/*
+ * TODO(TLS1.3): Review the naming scheme for TLSv1.3 ciphers and also the
+ * cipherstring selection process for these ciphers
+ */
+# define TLS1_3_TXT_AES_128_GCM_SHA256 "TLS13-AES-128-GCM-SHA256"
+
# define TLS_CT_RSA_SIGN 1
# define TLS_CT_DSS_SIGN 2
# define TLS_CT_RSA_FIXED_DH 3
diff --git a/ssl/methods.c b/ssl/methods.c
index c846143277..f0926b7ce0 100644
--- a/ssl/methods.c
+++ b/ssl/methods.c
@@ -19,6 +19,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_method,
ossl_statem_accept,
ossl_statem_connect, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_3_METHOD
+IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
+ tlsv1_3_method,
+ ossl_statem_accept,
+ ossl_statem_connect, TLSv1_3_enc_data)
+#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_method,
@@ -46,6 +52,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_server_method,
ossl_statem_accept,
ssl_undefined_function, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_3_METHOD
+IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
+ tlsv1_3_server_method,
+ ossl_statem_accept,
+ ssl_undefined_function, TLSv1_3_enc_data)
+#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_server_method,
@@ -75,6 +87,12 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
TLS_client_method,
ssl_undefined_function,
ossl_statem_connect, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_3_METHOD
+IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3,
+ tlsv1_3_client_method,
+ ssl_undefined_function,
+ ossl_statem_connect, TLSv1_3_enc_data)
+#endif
#ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
tlsv1_2_client_method,
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index d19b97a4d9..ffdb45403d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -834,6 +834,21 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
+ {
+ 1,
+ TLS1_3_TXT_AES_128_GCM_SHA256,
+ TLS1_3_CK_AES_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_3_VERSION, TLS1_3_VERSION,
+ 0, 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
#ifndef OPENSSL_NO_EC
{
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 3957946092..63687b5ba1 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -257,6 +257,7 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1),
SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1),
SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2),
+ SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3),
SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1),
SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2)
};
@@ -282,6 +283,7 @@ static int protocol_from_string(const char *value)
{"TLSv1", TLS1_VERSION},
{"TLSv1.1", TLS1_1_VERSION},
{"TLSv1.2", TLS1_2_VERSION},
+ {"TLSv1.3", TLS1_3_VERSION},
{"DTLSv1", DTLS1_VERSION},
{"DTLSv1.2", DTLS1_2_VERSION}
};
@@ -526,6 +528,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
SSL_CONF_CMD_SWITCH("no_tls1", 0),
SSL_CONF_CMD_SWITCH("no_tls1_1", 0),
SSL_CONF_CMD_SWITCH("no_tls1_2", 0),
+ SSL_CONF_CMD_SWITCH("no_tls1_3", 0),
SSL_CONF_CMD_SWITCH("bugs", 0),
SSL_CONF_CMD_SWITCH("no_comp", 0),
SSL_CONF_CMD_SWITCH("comp", 0),
@@ -583,6 +586,7 @@ static const ssl_switch_tbl ssl_cmd_switches[] = {
{SSL_OP_NO_TLSv1, 0}, /* no_tls1 */
{SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */
{SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */
+ {SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */
{SSL_OP_ALL, 0}, /* bugs */
{SSL_OP_NO_COMPRESSION, 0}, /* no_comp */
{SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 8bf872beec..84dd39371a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3072,7 +3072,9 @@ const SSL_METHOD *ssl_bad_method(int ver)
const char *ssl_protocol_to_string(int version)
{
- if (version == TLS1_2_VERSION)
+ if (version == TLS1_3_VERSION)
+ return "TLSv1.3";
+ else if (version == TLS1_2_VERSION)
return "TLSv1.2";
else if (version == TLS1_1_VERSION)
return "TLSv1.1";
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 8a7e1a9474..d5a6fe236e 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1641,6 +1641,9 @@ __owur const SSL_METHOD *tlsv1_1_client_method(void);
__owur const SSL_METHOD *tlsv1_2_method(void);
__owur const SSL_METHOD *tlsv1_2_server_method(void);
__owur const SSL_METHOD *tlsv1_2_client_method(void);
+__owur const SSL_METHOD *tlsv1_3_method(void);
+__owur const SSL_METHOD *tlsv1_3_server_method(void);
+__owur const SSL_METHOD *tlsv1_3_client_method(void);
__owur const SSL_METHOD *dtlsv1_method(void);
__owur const SSL_METHOD *dtlsv1_server_method(void);
__owur const SSL_METHOD *dtlsv1_client_method(void);
@@ -1652,6 +1655,7 @@ __owur const SSL_METHOD *dtlsv1_2_client_method(void);
extern const SSL3_ENC_METHOD TLSv1_enc_data;
extern const SSL3_ENC_METHOD TLSv1_1_enc_data;
extern const SSL3_ENC_METHOD TLSv1_2_enc_data;
+extern const SSL3_ENC_METHOD TLSv1_3_enc_data;
extern const SSL3_ENC_METHOD SSLv3_enc_data;
extern const SSL3_ENC_METHOD DTLSv1_enc_data;
extern const SSL3_ENC_METHOD DTLSv1_2_enc_data;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index eee1ca1f5b..e0ec918c91 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -320,6 +320,9 @@ int ssl_get_new_session(SSL *s, int session)
} else if (s->version == TLS1_2_VERSION) {
ss->ssl_version = TLS1_2_VERSION;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_3_VERSION) {
+ ss->ssl_version = TLS1_3_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
} else if (s->version == DTLS1_BAD_VER) {
ss->ssl_version = DTLS1_BAD_VER;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index c185d7c72a..a3d8d1ee26 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -647,11 +647,16 @@ typedef struct {
const SSL_METHOD *(*smeth) (void);
} version_info;
-#if TLS_MAX_VERSION != TLS1_2_VERSION
-# error Code needs update for TLS_method() support beyond TLS1_2_VERSION.
+#if TLS_MAX_VERSION != TLS1_3_VERSION
+# error Code needs update for TLS_method() support beyond TLS1_3_VERSION.
#endif
static const version_info tls_version_table[] = {
+#ifndef OPENSSL_NO_TLS1_3
+ {TLS1_3_VERSION, tlsv1_3_client_method, tlsv1_3_server_method},
+#else
+ {TLS1_3_VERSION, NULL, NULL},
+#endif
#ifndef OPENSSL_NO_TLS1_2
{TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method},
#else
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 87ebbf3625..e19f93d21c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -84,6 +84,26 @@ SSL3_ENC_METHOD const TLSv1_2_enc_data = {
ssl3_handshake_write
};
+SSL3_ENC_METHOD const TLSv1_3_enc_data = {
+ tls1_enc,
+ tls1_mac,
+ tls1_setup_key_block,
+ tls1_generate_master_secret,
+ tls1_change_cipher_state,
+ tls1_final_finish_mac,
+ TLS1_FINISH_MAC_LENGTH,
+ TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+ TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+ tls1_alert_code,
+ tls1_export_keying_material,
+ SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
+ | SSL_ENC_FLAG_TLS1_2_CIPHERS,
+ SSL3_HM_HEADER_LENGTH,
+ ssl3_set_handshake_header,
+ tls_close_construct_packet,
+ ssl3_handshake_write
+};
+
long tls1_default_timeout(void)
{
/*
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 4577f038a3..ab5d2dac76 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -61,6 +61,7 @@ static ssl_trace_tbl ssl_version_tbl[] = {
{TLS1_VERSION, "TLS 1.0"},
{TLS1_1_VERSION, "TLS 1.1"},
{TLS1_2_VERSION, "TLS 1.2"},
+ {TLS1_3_VERSION, "TLS 1.3"},
{DTLS1_VERSION, "DTLS 1.0"},
{DTLS1_2_VERSION, "DTLS 1.2"},
{DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
@@ -422,6 +423,7 @@ static ssl_trace_tbl ssl_ciphers_tbl[] = {
{0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305"},
{0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305"},
{0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305"},
+ {0x0D01, "TLS_AES_128_GCM_SHA256"},
{0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
{0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
};
diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
index d6556e0537..70ebd83566 100644
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -107,10 +107,14 @@ static const uint32_t default_ciphers_in_order[] = {
#ifndef OPENSSL_NO_TLS1_2
TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+#endif
+#ifndef OPENSSL_NO_TLS1_3
+ TLS1_3_CK_AES_128_GCM_SHA256,
+#endif
+#ifndef OPENSSL_NO_TLS1_2
TLS1_CK_RSA_WITH_AES_256_SHA256,
TLS1_CK_RSA_WITH_AES_128_SHA256,
#endif
-
TLS1_CK_RSA_WITH_AES_256_SHA,
TLS1_CK_RSA_WITH_AES_128_SHA,
};
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
index ff1a50ab8f..d413de33b2 100644
--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -21,10 +21,10 @@ setup("test_ssl");
$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_srp, $no_psk,
- $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2,
+ $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, $no_tls1_3,
$no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) =
anydisabled qw/rsa dsa dh ec srp psk
- ssl3 tls1 tls1_1 tls1_2
+ ssl3 tls1 tls1_1 tls1_2 tls1_3
dtls dtls1 dtls1_2 ct/;
my $no_anytls = alldisabled(available_protocols("tls"));
my $no_anydtls = alldisabled(available_protocols("dtls"));
@@ -446,6 +446,7 @@ sub testssl {
my @protocols = ();
# FIXME: I feel unsure about the following line, is that really just TLSv1.2, or is it all of the SSLv3/TLS protocols?
+ push(@protocols, "TLSv1.3") unless $no_tls1_3;
push(@protocols, "TLSv1.2") unless $no_tls1_2;
push(@protocols, "SSLv3") unless $no_ssl3;
my $protocolciphersuitcount = 0;
@@ -463,22 +464,27 @@ sub testssl {
# The count of protocols is because in addition to the ciphersuits
# we got above, we're running a weak DH test for each protocol
- plan tests => $protocolciphersuitcount + scalar(@protocols);
-
- foreach my $protocol (@protocols) {
- note "Testing ciphersuites for $protocol";
- foreach my $cipher (@{$ciphersuites{$protocol}}) {
- ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
- $protocol eq "SSLv3" ? ("-ssl3") : ()])),
- "Testing $cipher");
- }
+ plan tests => $protocolciphersuitcount + scalar(@protocols);
+
+ foreach my $protocol (@protocols) {
+ note "Testing ciphersuites for $protocol";
+ my $flag = "";
+ if ($protocol eq "SSLv3") {
+ $flag = "-ssl3";
+ } elsif ($protocol eq "TLSv1.2") {
+ $flag = "-tls1_2";
+ }
+ foreach my $cipher (@{$ciphersuites{$protocol}}) {
+ ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, $flag])),
+ "Testing $cipher");
+ }
is(run(test([@ssltest,
"-s_cipher", "EDH",
"-c_cipher", 'EDH:@SECLEVEL=1',
"-dhe512",
$protocol eq "SSLv3" ? ("-ssl3") : ()])), 0,
"testing connection with weak DH, expecting failure");
- }
+ }
};
subtest 'RSA/(EC)DHE/PSK tests' => sub {
diff --git a/test/ssl-tests/02-protocol-version.conf b/test/ssl-tests/02-protocol-version.conf
index cb89dbc10a..cf618f4e28 100644
--- a/test/ssl-tests/02-protocol-version.conf
+++ b/test/ssl-tests/02-protocol-version.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 361
+num_tests = 676
test-0 = 0-version-negotiation
test-1 = 1-version-negotiation
@@ -363,6 +363,321 @@ test-357 = 357-version-negotiation
test-358 = 358-version-negotiation
test-359 = 359-version-negotiation
test-360 = 360-version-negotiation
+test-361 = 361-version-negotiation
+test-362 = 362-version-negotiation
+test-363 = 363-version-negotiation
+test-364 = 364-version-negotiation
+test-365 = 365-version-negotiation
+test-366 = 366-version-negotiation
+test-367 = 367-version-negotiation
+test-368 = 368-version-negotiation
+test-369 = 369-version-negotiation
+test-370 = 370-version-negotiation
+test-371 = 371-version-negotiation
+test-372 = 372-version-negotiation
+test-373 = 373-version-negotiation
+test-374 = 374-version-negotiation
+test-375 = 375-version-negotiation
+test-376 = 376-version-negotiation
+test-377 = 377-version-negotiation
+test-378 = 378-version-negotiation
+test-379 = 379-version-negotiation
+test-380 = 380-version-negotiation
+test-381 = 381-version-negotiation
+test-382 = 382-version-negotiation
+test-383 = 383-version-negotiation
+test-384 = 384-version-negotiation
+test-385 = 385-version-negotiation
+test-386 = 386-version-negotiation
+test-387 = 387-version-negotiation
+test-388 = 388-version-negotiation
+test-389 = 389-version-negotiation
+test-390 = 390-version-negotiation
+test-391 = 391-version-negotiation
+test-392 = 392-version-negotiation
+test-393 = 393-version-negotiation
+test-394 = 394-version-negotiation
+test-395 = 395-version-negotiation
+test-396 = 396-version-negotiation
+test-397 = 397-version-negotiation
+test-398 = 398-version-negotiation
+test-399 = 399-version-negotiation
+test-400 = 400-version-negotiation
+test-401 = 401-version-negotiation
+test-402 = 402-version-negotiation
+test-403 = 403-version-negotiation
+test-404 = 404-version-negotiation
+test-405 = 405-version-negotiation
+test-406 = 406-version-negotiation
+test-407 = 407-version-negotiation
+test-408 = 408-version-negotiation
+test-409 = 409-version-negotiation
+test-410 = 410-version-negotiation
+test-411 = 411-version-negotiation
+test-412 = 412-version-negotiation
+test-413 = 413-version-negotiation
+test-414 = 414-version-negotiation
+test-415 = 415-version-negotiation
+test-416 = 416-version-negotiation
+test-417 = 417-version-negotiation
+test-418 = 418-version-negotiation
+test-419 = 419-version-negotiation
+test-420 = 420-version-negotiation
+test-421 = 421-version-negotiation
+test-422 = 422-version-negotiation
+test-423 = 423-version-negotiation
+test-424 = 424-version-negotiation
+test-425 = 425-version-negotiation
+test-426 = 426-version-negotiation
+test-427 = 427-version-negotiation
+test-428 = 428-version-negotiation
+test-429 = 429-version-negotiation
+test-430 = 430-version-negotiation
+test-431 = 431-version-negotiation
+test-432 = 432-version-negotiation
+test-433 = 433-version-negotiation
+test-434 = 434-version-negotiation
+test-435 = 435-version-negotiation
+test-436 = 436-version-negotiation
+test-437 = 437-version-negotiation
+test-438 = 438-version-negotiation
+test-439 = 439-version-negotiation
+test-440 = 440-version-negotiation
+test-441 = 441-version-negotiation
+test-442 = 442-version-negotiation
+test-443 = 443-version-negotiation
+test-444 = 444-version-negotiation
+test-445 = 445-version-negotiation
+test-446 = 446-version-negotiation
+test-447 = 447-version-negotiation
+test-448 = 448-version-negotiation
+test-449 = 449-version-negotiation
+test-450 = 450-version-negotiation
+test-451 = 451-version-negotiation
+test-452 = 452-version-negotiation
+test-453 = 453-version-negotiation
+test-454 = 454-version-negotiation
+test-455 = 455-version-negotiation
+test-456 = 456-version-negotiation
+test-457 = 457-version-negotiation
+test-458 = 458-version-negotiation
+test-459 = 459-version-negotiation
+test-460 = 460-version-negotiation
+test-461 = 461-version-negotiation
+test-462 = 462-version-negotiation
+test-463 = 463-version-negotiation
+test-464 = 464-version-negotiation
+test-465 = 465-version-negotiation
+test-466 = 466-version-negotiation
+test-467 = 467-version-negotiation
+test-468 = 468-version-negotiation
+test-469 = 469-version-negotiation
+test-470 = 470-version-negotiation
+test-471 = 471-version-negotiation
+test-472 = 472-version-negotiation
+test-473 = 473-version-negotiation
+test-474 = 474-version-negotiation
+test-475 = 475-version-negotiation
+test-476 = 476-version-negotiation
+test-477 = 477-version-negotiation
+test-478 = 478-version-negotiation
+test-479 = 479-version-negotiation
+test-480 = 480-version-negotiation
+test-481 = 481-version-negotiation
+test-482 = 482-version-negotiation
+test-483 = 483-version-negotiation
+test-484 = 484-version-negotiation
+test-485 = 485-version-negotiation
+test-486 = 486-version-negotiation
+test-487 = 487-version-negotiation
+test-488 = 488-version-negotiation
+test-489 = 489-version-negotiation
+test-490 = 490-version-negotiation
+test-491 = 491-version-negotiation
+test-492 = 492-version-negotiation
+test-493 = 493-version-negotiation
+test-494 = 494-version-negotiation
+test-495 = 495-version-negotiation
+test-496 = 496-version-negotiation
+test-497 = 497-version-negotiation
+test-498 = 498-version-negotiation
+test-499 = 499-version-negotiation
+test-500 = 500-version-negotiation
+test-501 = 501-version-negotiation
+test-502 = 502-version-negotiation
+test-503 = 503-version-negotiation
+test-504 = 504-version-negotiation
+test-505 = 505-version-negotiation
+test-506 = 506-version-negotiation
+test-507 = 507-version-negotiation
+test-508 = 508-version-negotiation
+test-509 = 509-version-negotiation
+test-510 = 510-version-negotiation
+test-511 = 511-version-negotiation
+test-512 = 512-version-negotiation
+test-513 = 513-version-negotiation
+test-514 = 514-version-negotiation
+test-515 = 515-version-negotiation
+test-516 = 516-version-negotiation
+test-517 = 517-version-negotiation
+test-518 = 518-version-negotiation
+test-519 = 519-version-negotiation
+test-520 = 520-version-negotiation
+test-521 = 521-version-negotiation
+test-522 = 522-version-negotiation
+test-523 = 523-version-negotiation
+test-524 = 524-version-negotiation
+test-525 = 525-version-negotiation
+test-526 = 526-version-negotiation
+test-527 = 527-version-negotiation
+test-528 = 528-version-negotiation
+test-529 = 529-version-negotiation
+test-530 = 530-version-negotiation
+test-531 = 531-version-negotiation
+test-532 = 532-version-negotiation
+test-533 = 533-version-negotiation
+test-534 = 534-version-negotiation
+test-535 = 535-version-negotiation
+test-536 = 536-version-negotiation
+test-537 = 537-version-negotiation
+test-538 = 538-version-negotiation
+test-539 = 539-version-negotiation
+test-540 = 540-version-negotiation
+test-541 = 541-version-negotiation
+test-542 = 542-version-negotiation
+test-543 = 543-version-negotiation
+test-544 = 544-version-negotiation
+test-545 = 545-version-negotiation
+test-546 = 546-version-negotiation
+test-547 = 547-version-negotiation
+test-548 = 548-version-negotiation
+test-549 = 549-version-negotiation
+test-550 = 550-version-negotiation
+test-551 = 551-version-negotiation
+test-552 = 552-version-negotiation
+test-553 = 553-version-negotiation
+test-554 = 554-version-negotiation
+test-555 = 555-version-negotiation
+test-556 = 556-version-negotiation
+test-557 = 557-version-negotiation
+test-558 = 558-version-negotiation
+test-559 = 559-version-negotiation
+test-560 = 560-version-negotiation
+test-561 = 561-version-negotiation
+test-562 = 562-version-negotiation
+test-563 = 563-version-negotiation
+test-564 = 564-version-negotiation
+test-565 = 565-version-negotiation
+test-566 = 566-version-negotiation
+test-567 = 567-version-negotiation
+test-568 = 568-version-negotiation
+test-569 = 569-version-negotiation
+test-570 = 570-version-negotiation
+test-571 = 571-version-negotiation
+test-572 = 572-version-negotiation
+test-573 = 573-version-negotiation
+test-574 = 574-version-negotiation
+test-575 = 575-version-negotiation
+test-576 = 576-version-negotiation
+test-577 = 577-version-negotiation
+test-578 = 578-version-negotiation
+test-579 = 579-version-negotiation
+test-580 = 580-version-negotiation
+test-581 = 581-version-negotiation
+test-582 = 582-version-negotiation
+test-583 = 583-version-negotiation
+test-584 = 584-version-negotiation
+test-585 = 585-version-negotiation
+test-586 = 586-version-negotiation
+test-587 = 587-version-negotiation
+test-588 = 588-version-negotiation
+test-589 = 589-version-negotiation
+test-590 = 590-version-negotiation
+test-591 = 591-version-negotiation
+test-592 = 592-version-negotiation
+test-593 = 593-version-negotiation
+test-594 = 594-version-negotiation
+test-595 = 595-version-negotiation
+test-596 = 596-version-negotiation
+test-597 = 597-version-negotiation
+test-598 = 598-version-negotiation
+test-599 = 599-version-negotiation
+test-600 = 600-version-negotiation
+test-601 = 601-version-negotiation
+test-602 = 602-version-negotiation
+test-603 = 603-version-negotiation
+test-604 = 604-version-negotiation
+test-605 = 605-version-negotiation
+test-606 = 606-version-negotiation
+test-607 = 607-version-negotiation
+test-608 = 608-version-negotiation
+test-609 = 609-version-negotiation
+test-610 = 610-version-negotiation
+test-611 = 611-version-negotiation
+test-612 = 612-version-negotiation
+test-613 = 613-version-negotiation
+test-614 = 614-version-negotiation
+test-615 = 615-version-negotiation
+test-616 = 616-version-negotiation
+test-617 = 617-version-negotiation
+test-618 = 618-version-negotiation
+test-619 = 619-version-negotiation
+test-620 = 620-version-negotiation
+test-621 = 621-version-negotiation
+test-622 = 622-version-negotiation
+test-623 = 623-version-negotiation
+test-624 = 624-version-negotiation
+test-625 = 625-version-negotiation
+test-626 = 626-version-negotiation
+test-627 = 627-version-negotiation
+test-628 = 628-version-negotiation
+test-629 = 629-version-negotiation
+test-630 = 630-version-negotiation
+test-631 = 631-version-negotiation
+test-632 = 632-version-negotiation
+test-633 = 633-version-negotiation
+test-634 = 634-version-negotiation
+test-635 = 635-version-negotiation
+test-636 = 636-version-negotiation
+test-637 = 637-version-negotiation
+test-638 = 638-version-negotiation
+test-639 = 639-version-negotiation
+test-640 = 640-version-negotiation
+test-641 = 641-version-negotiation
+test-642 = 642-version-negotiation
+test-643 = 643-version-negotiation
+test-644 = 644-version-negotiation
+test-645 = 645-version-negotiation
+test-646 = 646-version-negotiation
+test-647 = 647-version-negotiation
+test-648 = 648-version-negotiation
+test-649 = 649-version-negotiation
+test-650 = 650-version-negotiation
+test-651 = 651-version-negotiation
+test-652 = 652-version-negotiation
+test-653 = 653-version-negotiation
+test-654 = 654-version-negotiation
+test-655 = 655-version-negotiation
+test-656 = 656-version-negotiation
+test-657 = 657-version-negotiation
+test-658 = 658-version-negotiation
+test-659 = 659-version-negotiation
+test-660 = 660-version-negotiation
+test-661 = 661-version-negotiation
+test-662 = 662-version-negotiation
+test-663 = 663-version-negotiation
+test-664 = 664-version-negotiation
+test-665 = 665-version-negotiation
+test-666 = 666-version-negotiation
+test-667 = 667-version-negotiation
+test-668 = 668-version-negotiation
+test-669 = 669-version-negotiation
+test-670 = 670-version-negotiation
+test-671 = 671-version-negotiation
+test-672 = 672-version-negotiation
+test-673 = 673-version-negotiation
+test-674 = 674-version-negotiation
+test-675 = 675-version-negotiation
# ===========================================================
[0-version-negotiation]
@@ -475,6 +790,7 @@ client = 4-version-negotiation-client
[4-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[4-version-negotiation-client]
@@ -499,8 +815,6 @@ client = 5-version-negotiation-client
[5-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[5-version-negotiation-client]
@@ -525,7 +839,7 @@ client = 6-version-negotiation-client
[6-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -551,7 +865,7 @@ client = 7-version-negotiation-client
[7-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -577,7 +891,7 @@ client = 8-version-negotiation-client
[8-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -603,6 +917,7 @@ client = 9-version-negotiation-client
[9-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -628,8 +943,8 @@ client = 10-version-negotiation-client
[10-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-version-negotiation-client]
@@ -654,8 +969,7 @@ client = 11-version-negotiation-client
[11-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-version-negotiation-client]
@@ -680,7 +994,7 @@ client = 12-version-negotiation-client
[12-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -706,6 +1020,7 @@ client = 13-version-negotiation-client
[13-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
@@ -731,8 +1046,8 @@ client = 14-version-negotiation-client
[14-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-version-negotiation-client]
@@ -757,8 +1072,8 @@ client = 15-version-negotiation-client
[15-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-version-negotiation-client]
@@ -783,7 +1098,7 @@ client = 16-version-negotiation-client
[16-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-version-negotiation-client]
@@ -808,8 +1123,8 @@ client = 17-version-negotiation-client
[17-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-version-negotiation-client]
@@ -834,7 +1149,8 @@ client = 18-version-negotiation-client
[18-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[18-version-negotiation-client]
@@ -859,17 +1175,18 @@ client = 19-version-negotiation-client
[19-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[19-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-19]
-ExpectedResult = ServerFail
+ExpectedResult = InternalError
# ===========================================================
@@ -884,18 +1201,17 @@ client = 20-version-negotiation-client
[20-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[20-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-20]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -910,18 +1226,18 @@ client = 21-version-negotiation-client
[21-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[21-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-21]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -936,18 +1252,18 @@ client = 22-version-negotiation-client
[22-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[22-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-22]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -962,17 +1278,17 @@ client = 23-version-negotiation-client
[23-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[23-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-23]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -987,18 +1303,18 @@ client = 24-version-negotiation-client
[24-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[24-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-24]
-ExpectedResult = ServerFail
+ExpectedResult = InternalError
# ===========================================================
@@ -1013,19 +1329,17 @@ client = 25-version-negotiation-client
[25-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[25-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-25]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -1040,8 +1354,7 @@ client = 26-version-negotiation-client
[26-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[26-version-negotiation-client]
@@ -1051,8 +1364,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-26]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1067,8 +1379,7 @@ client = 27-version-negotiation-client
[27-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[27-version-negotiation-client]
@@ -1094,7 +1405,7 @@ client = 28-version-negotiation-client
[28-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[28-version-negotiation-client]
@@ -1120,8 +1431,7 @@ client = 29-version-negotiation-client
[29-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[29-version-negotiation-client]
@@ -1147,8 +1457,7 @@ client = 30-version-negotiation-client
[30-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[30-version-negotiation-client]
@@ -1174,8 +1483,6 @@ client = 31-version-negotiation-client
[31-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[31-version-negotiation-client]
@@ -1201,7 +1508,8 @@ client = 32-version-negotiation-client
[32-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[32-version-negotiation-client]
@@ -1211,8 +1519,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-32]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1227,8 +1534,8 @@ client = 33-version-negotiation-client
[33-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[33-version-negotiation-client]
@@ -1238,7 +1545,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-33]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1253,8 +1561,8 @@ client = 34-version-negotiation-client
[34-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[34-version-negotiation-client]
@@ -1264,7 +1572,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-34]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1279,7 +1588,8 @@ client = 35-version-negotiation-client
[35-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[35-version-negotiation-client]
@@ -1289,7 +1599,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-35]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1304,8 +1615,8 @@ client = 36-version-negotiation-client
[36-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[36-version-negotiation-client]
@@ -1315,7 +1626,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-36]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1330,7 +1642,7 @@ client = 37-version-negotiation-client
[37-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[37-version-negotiation-client]
@@ -1340,7 +1652,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-37]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1355,17 +1668,19 @@ client = 38-version-negotiation-client
[38-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[38-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-38]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -1380,12 +1695,13 @@ client = 39-version-negotiation-client
[39-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[39-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1406,17 +1722,18 @@ client = 40-version-negotiation-client
[40-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[40-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-40]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -1432,17 +1749,18 @@ client = 41-version-negotiation-client
[41-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[41-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-41]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -1458,16 +1776,17 @@ client = 42-version-negotiation-client
[42-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[42-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-42]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -1483,13 +1802,13 @@ client = 43-version-negotiation-client
[43-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[43-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1509,19 +1828,18 @@ client = 44-version-negotiation-client
[44-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[44-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-44]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1536,19 +1854,18 @@ client = 45-version-negotiation-client
[45-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[45-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-45]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1563,19 +1880,17 @@ client = 46-version-negotiation-client
[46-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[46-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-46]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1590,18 +1905,18 @@ client = 47-version-negotiation-client
[47-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[47-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-47]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1616,19 +1931,18 @@ client = 48-version-negotiation-client
[48-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[48-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-48]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1643,19 +1957,17 @@ client = 49-version-negotiation-client
[49-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[49-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-49]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1670,19 +1982,18 @@ client = 50-version-negotiation-client
[50-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[50-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-50]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1697,18 +2008,17 @@ client = 51-version-negotiation-client
[51-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[51-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-51]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1723,8 +2033,7 @@ client = 52-version-negotiation-client
[52-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[52-version-negotiation-client]
@@ -1734,8 +2043,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-52]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1750,8 +2058,7 @@ client = 53-version-negotiation-client
[53-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[53-version-negotiation-client]
@@ -1761,7 +2068,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-53]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -1777,7 +2084,7 @@ client = 54-version-negotiation-client
[54-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[54-version-negotiation-client]
@@ -1804,7 +2111,6 @@ client = 55-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[55-version-negotiation-client]
@@ -1814,7 +2120,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-55]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -1829,7 +2136,7 @@ client = 56-version-negotiation-client
[56-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[56-version-negotiation-client]
@@ -1839,7 +2146,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-56]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -1854,17 +2162,17 @@ client = 57-version-negotiation-client
[57-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[57-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-57]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -1879,18 +2187,18 @@ client = 58-version-negotiation-client
[58-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[58-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-58]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -1905,17 +2213,18 @@ client = 59-version-negotiation-client
[59-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[59-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-59]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -1931,17 +2240,18 @@ client = 60-version-negotiation-client
[60-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[60-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-60]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -1957,16 +2267,18 @@ client = 61-version-negotiation-client
[61-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[61-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-61]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -1982,18 +2294,19 @@ client = 62-version-negotiation-client
[62-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[62-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-62]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -2008,18 +2321,17 @@ client = 63-version-negotiation-client
[63-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[63-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-63]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2035,18 +2347,18 @@ client = 64-version-negotiation-client
[64-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[64-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-64]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -2062,18 +2374,18 @@ client = 65-version-negotiation-client
[65-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[65-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-65]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2089,17 +2401,18 @@ client = 66-version-negotiation-client
[66-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[66-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-66]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2115,18 +2428,18 @@ client = 67-version-negotiation-client
[67-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[67-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-67]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2142,13 +2455,12 @@ client = 68-version-negotiation-client
[68-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[68-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2169,18 +2481,18 @@ client = 69-version-negotiation-client
[69-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[69-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-69]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2196,17 +2508,18 @@ client = 70-version-negotiation-client
[70-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[70-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-70]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2222,13 +2535,13 @@ client = 71-version-negotiation-client
[71-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[71-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2249,18 +2562,17 @@ client = 72-version-negotiation-client
[72-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[72-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-72]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2276,18 +2588,18 @@ client = 73-version-negotiation-client
[73-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[73-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-73]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2302,19 +2614,18 @@ client = 74-version-negotiation-client
[74-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[74-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-74]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2334,13 +2645,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[75-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-75]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2355,11 +2665,13 @@ client = 76-version-negotiation-client
[76-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[76-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2379,17 +2691,17 @@ client = 77-version-negotiation-client
[77-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[77-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-77]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2404,17 +2716,17 @@ client = 78-version-negotiation-client
[78-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[78-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-78]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2429,16 +2741,17 @@ client = 79-version-negotiation-client
[79-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[79-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-79]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -2454,15 +2767,17 @@ client = 80-version-negotiation-client
[80-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[80-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-80]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2478,17 +2793,18 @@ client = 81-version-negotiation-client
[81-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[81-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-81]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2503,17 +2819,17 @@ client = 82-version-negotiation-client
[82-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[82-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-82]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -2529,17 +2845,16 @@ client = 83-version-negotiation-client
[83-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[83-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-83]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -2555,18 +2870,18 @@ client = 84-version-negotiation-client
[84-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[84-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-84]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -2581,16 +2896,18 @@ client = 85-version-negotiation-client
[85-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[85-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-85]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -2606,17 +2923,18 @@ client = 86-version-negotiation-client
[86-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[86-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-86]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2632,17 +2950,18 @@ client = 87-version-negotiation-client
[87-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[87-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-87]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -2658,12 +2977,13 @@ client = 88-version-negotiation-client
[88-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[88-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2684,11 +3004,12 @@ client = 89-version-negotiation-client
[89-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[89-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2709,17 +3030,18 @@ client = 90-version-negotiation-client
[90-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[90-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-90]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -2735,17 +3057,18 @@ client = 91-version-negotiation-client
[91-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[91-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-91]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -2761,11 +3084,13 @@ client = 92-version-negotiation-client
[92-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[92-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2786,12 +3111,13 @@ client = 93-version-negotiation-client
[93-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[93-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2812,11 +3138,12 @@ client = 94-version-negotiation-client
[94-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[94-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -2837,18 +3164,19 @@ client = 95-version-negotiation-client
[95-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[95-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-95]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -2863,18 +3191,19 @@ client = 96-version-negotiation-client
[96-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[96-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-96]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2889,18 +3218,19 @@ client = 97-version-negotiation-client
[97-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[97-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-97]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2915,18 +3245,18 @@ client = 98-version-negotiation-client
[98-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[98-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-98]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2941,17 +3271,19 @@ client = 99-version-negotiation-client
[99-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[99-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-99]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2966,19 +3298,19 @@ client = 100-version-negotiation-client
[100-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[100-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-100]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -2993,19 +3325,18 @@ client = 101-version-negotiation-client
[101-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[101-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-101]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -3020,19 +3351,18 @@ client = 102-version-negotiation-client
[102-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[102-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-102]
-ExpectedResult = InternalError
+ExpectedResult = ServerFail
# ===========================================================
@@ -3047,19 +3377,17 @@ client = 103-version-negotiation-client
[103-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[103-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-103]
-ExpectedResult = InternalError
+ExpectedResult = ServerFail
# ===========================================================
@@ -3074,18 +3402,17 @@ client = 104-version-negotiation-client
[104-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[104-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-104]
-ExpectedResult = InternalError
+ExpectedResult = ServerFail
# ===========================================================
@@ -3101,18 +3428,17 @@ client = 105-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[105-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-105]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -3128,18 +3454,17 @@ client = 106-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[106-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-106]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -3155,18 +3480,17 @@ client = 107-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[107-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-107]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -3181,18 +3505,18 @@ client = 108-version-negotiation-client
[108-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[108-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-108]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3207,19 +3531,17 @@ client = 109-version-negotiation-client
[109-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[109-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-109]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3234,19 +3556,18 @@ client = 110-version-negotiation-client
[110-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[110-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-110]
-ExpectedResult = InternalError
+ExpectedResult = ServerFail
# ===========================================================
@@ -3261,18 +3582,19 @@ client = 111-version-negotiation-client
[111-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[111-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-111]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -3287,19 +3609,19 @@ client = 112-version-negotiation-client
[112-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[112-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-112]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -3314,18 +3636,19 @@ client = 113-version-negotiation-client
[113-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[113-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-113]
-ExpectedResult = InternalError
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -3340,18 +3663,19 @@ client = 114-version-negotiation-client
[114-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[114-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-114]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3366,18 +3690,17 @@ client = 115-version-negotiation-client
[115-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[115-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-115]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3393,13 +3716,13 @@ client = 116-version-negotiation-client
[116-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[116-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -3420,18 +3743,18 @@ client = 117-version-negotiation-client
[117-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[117-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-117]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -3447,17 +3770,18 @@ client = 118-version-negotiation-client
[118-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[118-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-118]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -3473,19 +3797,19 @@ client = 119-version-negotiation-client
[119-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[119-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-119]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3500,19 +3824,17 @@ client = 120-version-negotiation-client
[120-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[120-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-120]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3529,18 +3851,17 @@ client = 121-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[121-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-121]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -3557,18 +3878,17 @@ client = 122-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[122-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-122]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -3584,18 +3904,18 @@ client = 123-version-negotiation-client
[123-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[123-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-123]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3611,19 +3931,17 @@ client = 124-version-negotiation-client
[124-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[124-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-124]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3639,19 +3957,18 @@ client = 125-version-negotiation-client
[125-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[125-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-125]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -3667,19 +3984,18 @@ client = 126-version-negotiation-client
[126-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[126-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-126]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3695,18 +4011,17 @@ client = 127-version-negotiation-client
[127-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[127-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-127]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3722,19 +4037,19 @@ client = 128-version-negotiation-client
[128-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[128-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-128]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3749,19 +4064,18 @@ client = 129-version-negotiation-client
[129-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[129-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-129]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -3776,13 +4090,11 @@ client = 130-version-negotiation-client
[130-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[130-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -3802,19 +4114,17 @@ client = 131-version-negotiation-client
[131-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[131-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-131]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -3829,18 +4139,17 @@ client = 132-version-negotiation-client
[132-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[132-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-132]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -3855,18 +4164,17 @@ client = 133-version-negotiation-client
[133-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[133-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-133]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -3881,18 +4189,16 @@ client = 134-version-negotiation-client
[134-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[134-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-134]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3908,18 +4214,15 @@ client = 135-version-negotiation-client
[135-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[135-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-135]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3935,19 +4238,17 @@ client = 136-version-negotiation-client
[136-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[136-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-136]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -3962,17 +4263,17 @@ client = 137-version-negotiation-client
[137-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[137-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-137]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -3988,19 +4289,18 @@ client = 138-version-negotiation-client
[138-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[138-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-138]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -4015,19 +4315,17 @@ client = 139-version-negotiation-client
[139-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[139-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-139]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -4043,19 +4341,17 @@ client = 140-version-negotiation-client
[140-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[140-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-140]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4071,19 +4367,16 @@ client = 141-version-negotiation-client
[141-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[141-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-141]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4099,18 +4392,17 @@ client = 142-version-negotiation-client
[142-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[142-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-142]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -4126,19 +4418,17 @@ client = 143-version-negotiation-client
[143-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[143-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-143]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -4154,19 +4444,17 @@ client = 144-version-negotiation-client
[144-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[144-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-144]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -4182,19 +4470,17 @@ client = 145-version-negotiation-client
[145-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[145-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-145]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4215,13 +4501,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[146-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-146]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4243,8 +4527,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[147-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -4271,13 +4553,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[148-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-148]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -4293,18 +4573,17 @@ client = 149-version-negotiation-client
[149-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[149-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-149]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4320,19 +4599,17 @@ client = 150-version-negotiation-client
[150-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[150-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-150]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -4347,18 +4624,18 @@ client = 151-version-negotiation-client
[151-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[151-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-151]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -4373,18 +4650,18 @@ client = 152-version-negotiation-client
[152-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[152-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-152]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -4399,18 +4676,16 @@ client = 153-version-negotiation-client
[153-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[153-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-153]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4426,18 +4701,17 @@ client = 154-version-negotiation-client
[154-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[154-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-154]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4453,18 +4727,16 @@ client = 155-version-negotiation-client
[155-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[155-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-155]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4480,18 +4752,18 @@ client = 156-version-negotiation-client
[156-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[156-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-156]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4506,19 +4778,18 @@ client = 157-version-negotiation-client
[157-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[157-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-157]
-ExpectedResult = ServerFail
+ExpectedResult = InternalError
# ===========================================================
@@ -4533,20 +4804,18 @@ client = 158-version-negotiation-client
[158-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[158-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-158]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4561,20 +4830,18 @@ client = 159-version-negotiation-client
[159-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[159-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-159]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4589,20 +4856,18 @@ client = 160-version-negotiation-client
[160-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[160-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-160]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4617,19 +4882,17 @@ client = 161-version-negotiation-client
[161-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[161-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-161]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4644,20 +4907,19 @@ client = 162-version-negotiation-client
[162-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[162-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-162]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4672,20 +4934,19 @@ client = 163-version-negotiation-client
[163-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[163-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-163]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4700,20 +4961,19 @@ client = 164-version-negotiation-client
[164-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[164-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-164]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4728,19 +4988,19 @@ client = 165-version-negotiation-client
[165-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[165-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-165]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4755,20 +5015,19 @@ client = 166-version-negotiation-client
[166-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[166-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-166]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4783,20 +5042,18 @@ client = 167-version-negotiation-client
[167-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[167-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-167]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4811,19 +5068,19 @@ client = 168-version-negotiation-client
[168-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[168-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-168]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4838,20 +5095,19 @@ client = 169-version-negotiation-client
[169-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[169-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-169]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4866,19 +5122,19 @@ client = 170-version-negotiation-client
[170-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[170-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-170]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4893,17 +5149,19 @@ client = 171-version-negotiation-client
[171-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[171-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-171]
-ExpectedResult = ServerFail
+ExpectedResult = InternalError
# ===========================================================
@@ -4918,18 +5176,18 @@ client = 172-version-negotiation-client
[172-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[172-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-172]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4945,17 +5203,18 @@ client = 173-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[173-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-173]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4971,17 +5230,18 @@ client = 174-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[174-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-174]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -4996,17 +5256,19 @@ client = 175-version-negotiation-client
[175-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[175-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-175]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5021,18 +5283,18 @@ client = 176-version-negotiation-client
[176-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[176-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-176]
-ExpectedResult = ServerFail
+ExpectedResult = InternalError
# ===========================================================
@@ -5047,19 +5309,19 @@ client = 177-version-negotiation-client
[177-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[177-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-177]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5074,19 +5336,19 @@ client = 178-version-negotiation-client
[178-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[178-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-178]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5101,19 +5363,18 @@ client = 179-version-negotiation-client
[179-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[179-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-179]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5128,18 +5389,19 @@ client = 180-version-negotiation-client
[180-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[180-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-180]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5154,19 +5416,18 @@ client = 181-version-negotiation-client
[181-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[181-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = SSLv3
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-181]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = InternalError
# ===========================================================
@@ -5181,19 +5442,18 @@ client = 182-version-negotiation-client
[182-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[182-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-182]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5208,18 +5468,18 @@ client = 183-version-negotiation-client
[183-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[183-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-183]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5235,17 +5495,18 @@ client = 184-version-negotiation-client
[184-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[184-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-184]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5261,18 +5522,18 @@ client = 185-version-negotiation-client
[185-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[185-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-185]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5288,18 +5549,18 @@ client = 186-version-negotiation-client
[186-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[186-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-186]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5315,17 +5576,17 @@ client = 187-version-negotiation-client
[187-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[187-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-187]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5341,19 +5602,19 @@ client = 188-version-negotiation-client
[188-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[188-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-188]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5368,17 +5629,19 @@ client = 189-version-negotiation-client
[189-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[189-version-negotiation-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-189]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -5394,18 +5657,20 @@ client = 190-version-negotiation-client
[190-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[190-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-190]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -5420,13 +5685,14 @@ client = 191-version-negotiation-client
[191-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[191-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5447,13 +5713,14 @@ client = 192-version-negotiation-client
[192-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[192-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5474,13 +5741,13 @@ client = 193-version-negotiation-client
[193-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[193-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5501,12 +5768,14 @@ client = 194-version-negotiation-client
[194-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[194-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5527,19 +5796,20 @@ client = 195-version-negotiation-client
[195-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[195-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-195]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -5554,14 +5824,14 @@ client = 196-version-negotiation-client
[196-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[196-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5582,14 +5852,14 @@ client = 197-version-negotiation-client
[197-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[197-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5610,14 +5880,13 @@ client = 198-version-negotiation-client
[198-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[198-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5638,19 +5907,19 @@ client = 199-version-negotiation-client
[199-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[199-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-199]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5665,20 +5934,19 @@ client = 200-version-negotiation-client
[200-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[200-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-200]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5693,20 +5961,19 @@ client = 201-version-negotiation-client
[201-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[201-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-201]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5721,20 +5988,18 @@ client = 202-version-negotiation-client
[202-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[202-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-202]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5749,19 +6014,19 @@ client = 203-version-negotiation-client
[203-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[203-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-203]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -5776,14 +6041,14 @@ client = 204-version-negotiation-client
[204-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[204-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5803,14 +6068,13 @@ client = 205-version-negotiation-client
[205-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[205-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5830,13 +6094,14 @@ client = 206-version-negotiation-client
[206-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[206-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5856,14 +6121,13 @@ client = 207-version-negotiation-client
[207-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[207-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5883,13 +6147,13 @@ client = 208-version-negotiation-client
[208-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[208-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5909,18 +6173,19 @@ client = 209-version-negotiation-client
[209-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[209-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-209]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -5935,18 +6200,18 @@ client = 210-version-negotiation-client
[210-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[210-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-210]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -5962,13 +6227,13 @@ client = 211-version-negotiation-client
[211-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[211-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -5989,13 +6254,13 @@ client = 212-version-negotiation-client
[212-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[212-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6021,7 +6286,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[213-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6049,7 +6314,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[214-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6076,7 +6341,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[215-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6104,7 +6369,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[216-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6132,7 +6397,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[217-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6153,13 +6418,14 @@ client = 218-version-negotiation-client
[218-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[218-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6180,19 +6446,18 @@ client = 219-version-negotiation-client
[219-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[219-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-219]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -6208,19 +6473,19 @@ client = 220-version-negotiation-client
[220-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[220-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-220]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -6236,14 +6501,14 @@ client = 221-version-negotiation-client
[221-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[221-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6264,13 +6529,14 @@ client = 222-version-negotiation-client
[222-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[222-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6291,14 +6557,14 @@ client = 223-version-negotiation-client
[223-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[223-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6319,14 +6585,13 @@ client = 224-version-negotiation-client
[224-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[224-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6347,13 +6612,14 @@ client = 225-version-negotiation-client
[225-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[225-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6375,18 +6641,19 @@ client = 226-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[226-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-226]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -6401,18 +6668,20 @@ client = 227-version-negotiation-client
[227-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[227-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-227]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -6427,18 +6696,19 @@ client = 228-version-negotiation-client
[228-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[228-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-228]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -6453,19 +6723,19 @@ client = 229-version-negotiation-client
[229-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[229-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-229]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6480,19 +6750,19 @@ client = 230-version-negotiation-client
[230-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[230-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-230]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6507,19 +6777,18 @@ client = 231-version-negotiation-client
[231-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[231-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-231]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6534,18 +6803,19 @@ client = 232-version-negotiation-client
[232-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[232-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-232]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6560,14 +6830,13 @@ client = 233-version-negotiation-client
[233-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[233-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6587,20 +6856,18 @@ client = 234-version-negotiation-client
[234-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[234-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-234]
-ExpectedProtocol = TLSv1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6615,19 +6882,18 @@ client = 235-version-negotiation-client
[235-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[235-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-235]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -6643,19 +6909,18 @@ client = 236-version-negotiation-client
[236-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[236-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-236]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -6671,13 +6936,13 @@ client = 237-version-negotiation-client
[237-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[237-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6698,19 +6963,18 @@ client = 238-version-negotiation-client
[238-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[238-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-238]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -6726,19 +6990,17 @@ client = 239-version-negotiation-client
[239-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[239-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-239]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -6754,20 +7016,19 @@ client = 240-version-negotiation-client
[240-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[240-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-240]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -6782,18 +7043,19 @@ client = 241-version-negotiation-client
[241-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[241-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-241]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -6810,13 +7072,13 @@ client = 242-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[242-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6838,13 +7100,13 @@ client = 243-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[243-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6865,13 +7127,14 @@ client = 244-version-negotiation-client
[244-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[244-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6892,14 +7155,13 @@ client = 245-version-negotiation-client
[245-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[245-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -6920,18 +7182,19 @@ client = 246-version-negotiation-client
[246-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[246-version-negotiation-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-246]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -6947,17 +7210,20 @@ client = 247-version-negotiation-client
[247-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[247-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-247]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -6972,17 +7238,19 @@ client = 248-version-negotiation-client
[248-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[248-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-248]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -6998,17 +7266,19 @@ client = 249-version-negotiation-client
[249-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[249-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-249]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7024,12 +7294,13 @@ client = 250-version-negotiation-client
[250-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[250-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7050,16 +7321,19 @@ client = 251-version-negotiation-client
[251-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[251-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-251]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -7075,18 +7349,20 @@ client = 252-version-negotiation-client
[252-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[252-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-252]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -7101,18 +7377,19 @@ client = 253-version-negotiation-client
[253-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[253-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-253]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7128,18 +7405,18 @@ client = 254-version-negotiation-client
[254-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[254-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-254]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7156,12 +7433,13 @@ client = 255-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[255-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7182,12 +7460,14 @@ client = 256-version-negotiation-client
[256-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[256-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7208,18 +7488,18 @@ client = 257-version-negotiation-client
[257-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[257-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-257]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7235,19 +7515,19 @@ client = 258-version-negotiation-client
[258-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[258-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-258]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -7262,19 +7542,18 @@ client = 259-version-negotiation-client
[259-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[259-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-259]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -7289,18 +7568,18 @@ client = 260-version-negotiation-client
[260-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[260-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-260]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -7315,18 +7594,18 @@ client = 261-version-negotiation-client
[261-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[261-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-261]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -7342,18 +7621,18 @@ client = 262-version-negotiation-client
[262-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[262-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-262]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -7369,12 +7648,13 @@ client = 263-version-negotiation-client
[263-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[263-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7395,18 +7675,18 @@ client = 264-version-negotiation-client
[264-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[264-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-264]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7422,17 +7702,17 @@ client = 265-version-negotiation-client
[265-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[265-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-265]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7449,12 +7729,13 @@ client = 266-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[266-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7475,17 +7756,19 @@ client = 267-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[267-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-267]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -7501,12 +7784,13 @@ client = 268-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[268-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7528,17 +7812,18 @@ client = 269-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[269-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-269]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7554,17 +7839,19 @@ client = 270-version-negotiation-client
[270-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[270-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-270]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7580,19 +7867,19 @@ client = 271-version-negotiation-client
[271-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[271-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-271]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7608,18 +7895,19 @@ client = 272-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[272-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-272]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -7635,13 +7923,13 @@ client = 273-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[273-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7663,18 +7951,18 @@ client = 274-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[274-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-274]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7690,18 +7978,19 @@ client = 275-version-negotiation-client
[275-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[275-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-275]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7717,19 +8006,19 @@ client = 276-version-negotiation-client
[276-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[276-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-276]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7745,13 +8034,13 @@ client = 277-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[277-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -7773,18 +8062,18 @@ client = 278-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[278-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-278]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7800,18 +8089,19 @@ client = 279-version-negotiation-client
[279-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[279-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-279]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7827,19 +8117,18 @@ client = 280-version-negotiation-client
[280-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[280-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-280]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7856,18 +8145,18 @@ client = 281-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[281-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-281]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
ExpectedResult = Success
@@ -7883,18 +8172,19 @@ client = 282-version-negotiation-client
[282-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[282-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-282]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7910,19 +8200,19 @@ client = 283-version-negotiation-client
[283-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[283-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-283]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7937,18 +8227,20 @@ client = 284-version-negotiation-client
[284-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[284-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-284]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7963,18 +8255,19 @@ client = 285-version-negotiation-client
[285-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[285-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-285]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7989,18 +8282,17 @@ client = 286-version-negotiation-client
[286-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[286-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-286]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -8015,18 +8307,17 @@ client = 287-version-negotiation-client
[287-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[287-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-287]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8042,18 +8333,17 @@ client = 288-version-negotiation-client
[288-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[288-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-288]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -8069,12 +8359,12 @@ client = 289-version-negotiation-client
[289-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[289-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -8095,19 +8385,18 @@ client = 290-version-negotiation-client
[290-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[290-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-290]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8122,19 +8411,17 @@ client = 291-version-negotiation-client
[291-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[291-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-291]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8149,20 +8436,18 @@ client = 292-version-negotiation-client
[292-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = SSLv3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[292-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-292]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -8177,19 +8462,18 @@ client = 293-version-negotiation-client
[293-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[293-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-293]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8205,18 +8489,18 @@ client = 294-version-negotiation-client
[294-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[294-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-294]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -8232,19 +8516,19 @@ client = 295-version-negotiation-client
[295-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[295-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-295]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -8259,19 +8543,18 @@ client = 296-version-negotiation-client
[296-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[296-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-296]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8287,19 +8570,17 @@ client = 297-version-negotiation-client
[297-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[297-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-297]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8315,18 +8596,18 @@ client = 298-version-negotiation-client
[298-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[298-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-298]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8343,13 +8624,12 @@ client = 299-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[299-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -8371,13 +8651,12 @@ client = 300-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[300-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -8398,18 +8677,18 @@ client = 301-version-negotiation-client
[301-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[301-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-301]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8425,19 +8704,17 @@ client = 302-version-negotiation-client
[302-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[302-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-302]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8453,18 +8730,18 @@ client = 303-version-negotiation-client
[303-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[303-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-303]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -8480,17 +8757,19 @@ client = 304-version-negotiation-client
[304-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[304-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-304]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
# ===========================================================
@@ -8505,17 +8784,19 @@ client = 305-version-negotiation-client
[305-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[305-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-305]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8530,17 +8811,17 @@ client = 306-version-negotiation-client
[306-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[306-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-306]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8557,11 +8838,12 @@ client = 307-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[307-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -8582,16 +8864,18 @@ client = 308-version-negotiation-client
[308-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[308-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-308]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8607,18 +8891,18 @@ client = 309-version-negotiation-client
[309-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[309-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-309]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8633,18 +8917,19 @@ client = 310-version-negotiation-client
[310-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[310-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-310]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8659,18 +8944,17 @@ client = 311-version-negotiation-client
[311-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[311-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MinProtocol = SSLv3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-311]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8686,19 +8970,18 @@ client = 312-version-negotiation-client
[312-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[312-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-312]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -8713,17 +8996,18 @@ client = 313-version-negotiation-client
[313-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[313-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-313]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8739,18 +9023,19 @@ client = 314-version-negotiation-client
[314-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[314-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-314]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -8765,18 +9050,18 @@ client = 315-version-negotiation-client
[315-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[315-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-315]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8792,18 +9077,18 @@ client = 316-version-negotiation-client
[316-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[316-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-316]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8819,17 +9104,17 @@ client = 317-version-negotiation-client
[317-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[317-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-317]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8845,19 +9130,19 @@ client = 318-version-negotiation-client
[318-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[318-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-318]
-ExpectedProtocol = TLSv1.1
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -8872,18 +9157,19 @@ client = 319-version-negotiation-client
[319-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[319-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-319]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8899,17 +9185,19 @@ client = 320-version-negotiation-client
[320-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[320-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-320]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8926,17 +9214,18 @@ client = 321-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[321-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-321]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8952,17 +9241,19 @@ client = 322-version-negotiation-client
[322-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[322-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-322]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -8978,18 +9269,19 @@ client = 323-version-negotiation-client
[323-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[323-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-323]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -9005,17 +9297,19 @@ client = 324-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[324-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-324]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -9031,17 +9325,19 @@ client = 325-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[325-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-325]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -9057,17 +9353,18 @@ client = 326-version-negotiation-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[326-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-326]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -9083,17 +9380,19 @@ client = 327-version-negotiation-client
[327-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[327-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-327]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -9109,19 +9408,19 @@ client = 328-version-negotiation-client
[328-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
-MinProtocol = SSLv3
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[328-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-328]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
# ===========================================================
@@ -9136,19 +9435,19 @@ client = 329-version-negotiation-client
[329-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[329-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-329]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9163,19 +9462,19 @@ client = 330-version-negotiation-client
[330-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[330-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-330]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9190,20 +9489,19 @@ client = 331-version-negotiation-client
[331-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[331-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-331]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9218,19 +9516,18 @@ client = 332-version-negotiation-client
[332-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[332-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-332]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9245,19 +9542,19 @@ client = 333-version-negotiation-client
[333-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[333-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-333]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9272,19 +9569,19 @@ client = 334-version-negotiation-client
[334-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[334-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-334]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9299,20 +9596,18 @@ client = 335-version-negotiation-client
[335-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[335-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-335]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9327,19 +9622,19 @@ client = 336-version-negotiation-client
[336-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[336-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-336]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9354,19 +9649,18 @@ client = 337-version-negotiation-client
[337-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[337-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-337]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9381,20 +9675,18 @@ client = 338-version-negotiation-client
[338-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.1
+MaxProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[338-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-338]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9409,18 +9701,18 @@ client = 339-version-negotiation-client
[339-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[339-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-339]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -9436,19 +9728,18 @@ client = 340-version-negotiation-client
[340-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[340-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-340]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9464,18 +9755,18 @@ client = 341-version-negotiation-client
[341-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[341-version-negotiation-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-341]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9491,17 +9782,19 @@ client = 342-version-negotiation-client
[342-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[342-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-342]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9516,17 +9809,18 @@ client = 343-version-negotiation-client
[343-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[343-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-343]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9541,17 +9835,19 @@ client = 344-version-negotiation-client
[344-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[344-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-344]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -9566,17 +9862,19 @@ client = 345-version-negotiation-client
[345-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[345-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-345]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -9592,16 +9890,19 @@ client = 346-version-negotiation-client
[346-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[346-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-346]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9617,18 +9918,20 @@ client = 347-version-negotiation-client
[347-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = SSLv3
+MaxProtocol = TLSv1.2
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[347-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-347]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9643,18 +9946,20 @@ client = 348-version-negotiation-client
[348-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[348-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-348]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9669,18 +9974,19 @@ client = 349-version-negotiation-client
[349-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
MinProtocol = SSLv3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[349-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-349]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9695,18 +10001,19 @@ client = 350-version-negotiation-client
[350-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = SSLv3
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[350-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-350]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
ExpectedResult = Success
@@ -9722,17 +10029,19 @@ client = 351-version-negotiation-client
[351-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = SSLv3
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[351-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-351]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9748,18 +10057,20 @@ client = 352-version-negotiation-client
[352-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[352-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-352]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9774,18 +10085,20 @@ client = 353-version-negotiation-client
[353-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[353-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-353]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9800,18 +10113,18 @@ client = 354-version-negotiation-client
[354-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[354-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-354]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9827,17 +10140,19 @@ client = 355-version-negotiation-client
[355-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MinProtocol = TLSv1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[355-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-355]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9853,18 +10168,20 @@ client = 356-version-negotiation-client
[356-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.2
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[356-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-356]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
# ===========================================================
@@ -9879,18 +10196,19 @@ client = 357-version-negotiation-client
[357-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[357-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-357]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9911,12 +10229,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[358-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-358]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
ExpectedResult = Success
@@ -9938,13 +10257,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[359-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-359]
-ExpectedProtocol = TLSv1.2
-ExpectedResult = Success
+ExpectedResult = ServerFail
# ===========================================================
@@ -9959,17 +10278,8493 @@ client = 360-version-negotiation-client
[360-version-negotiation-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[360-version-negotiation-client]
CipherString = DEFAULT
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-360]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[361-version-negotiation]
+ssl_conf = 361-version-negotiation-ssl
+
+[361-version-negotiation-ssl]
+server = 361-version-negotiation-server
+client = 361-version-negotiation-client
+
+[361-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[361-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-361]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[362-version-negotiation]
+ssl_conf = 362-version-negotiation-ssl
+
+[362-version-negotiation-ssl]
+server = 362-version-negotiation-server
+client = 362-version-negotiation-client
+
+[362-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[362-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-362]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[363-version-negotiation]
+ssl_conf = 363-version-negotiation-ssl
+
+[363-version-negotiation-ssl]
+server = 363-version-negotiation-server
+client = 363-version-negotiation-client
+
+[363-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[363-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-363]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[364-version-negotiation]
+ssl_conf = 364-version-negotiation-ssl
+
+[364-version-negotiation-ssl]
+server = 364-version-negotiation-server
+client = 364-version-negotiation-client
+
+[364-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[364-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-364]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[365-version-negotiation]
+ssl_conf = 365-version-negotiation-ssl
+
+[365-version-negotiation-ssl]
+server = 365-version-negotiation-server
+client = 365-version-negotiation-client
+
+[365-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[365-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-365]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[366-version-negotiation]
+ssl_conf = 366-version-negotiation-ssl
+
+[366-version-negotiation-ssl]
+server = 366-version-negotiation-server
+client = 366-version-negotiation-client
+
+[366-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[366-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-366]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[367-version-negotiation]
+ssl_conf = 367-version-negotiation-ssl
+
+[367-version-negotiation-ssl]
+server = 367-version-negotiation-server
+client = 367-version-negotiation-client
+
+[367-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[367-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-367]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[368-version-negotiation]
+ssl_conf = 368-version-negotiation-ssl
+
+[368-version-negotiation-ssl]
+server = 368-version-negotiation-server
+client = 368-version-negotiation-client
+
+[368-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[368-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-368]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[369-version-negotiation]
+ssl_conf = 369-version-negotiation-ssl
+
+[369-version-negotiation-ssl]
+server = 369-version-negotiation-server
+client = 369-version-negotiation-client
+
+[369-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[369-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-369]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[370-version-negotiation]
+ssl_conf = 370-version-negotiation-ssl
+
+[370-version-negotiation-ssl]
+server = 370-version-negotiation-server
+client = 370-version-negotiation-client
+
+[370-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[370-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-370]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[371-version-negotiation]
+ssl_conf = 371-version-negotiation-ssl
+
+[371-version-negotiation-ssl]
+server = 371-version-negotiation-server
+client = 371-version-negotiation-client
+
+[371-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[371-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-371]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[372-version-negotiation]
+ssl_conf = 372-version-negotiation-ssl
+
+[372-version-negotiation-ssl]
+server = 372-version-negotiation-server
+client = 372-version-negotiation-client
+
+[372-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[372-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-372]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[373-version-negotiation]
+ssl_conf = 373-version-negotiation-ssl
+
+[373-version-negotiation-ssl]
+server = 373-version-negotiation-server
+client = 373-version-negotiation-client
+
+[373-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[373-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-373]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[374-version-negotiation]
+ssl_conf = 374-version-negotiation-ssl
+
+[374-version-negotiation-ssl]
+server = 374-version-negotiation-server
+client = 374-version-negotiation-client
+
+[374-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[374-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-374]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[375-version-negotiation]
+ssl_conf = 375-version-negotiation-ssl
+
+[375-version-negotiation-ssl]
+server = 375-version-negotiation-server
+client = 375-version-negotiation-client
+
+[375-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[375-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-375]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[376-version-negotiation]
+ssl_conf = 376-version-negotiation-ssl
+
+[376-version-negotiation-ssl]
+server = 376-version-negotiation-server
+client = 376-version-negotiation-client
+
+[376-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[376-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-376]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[377-version-negotiation]
+ssl_conf = 377-version-negotiation-ssl
+
+[377-version-negotiation-ssl]
+server = 377-version-negotiation-server
+client = 377-version-negotiation-client
+
+[377-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[377-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-377]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[378-version-negotiation]
+ssl_conf = 378-version-negotiation-ssl
+
+[378-version-negotiation-ssl]
+server = 378-version-negotiation-server
+client = 378-version-negotiation-client
+
+[378-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[378-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-378]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[379-version-negotiation]
+ssl_conf = 379-version-negotiation-ssl
+
+[379-version-negotiation-ssl]
+server = 379-version-negotiation-server
+client = 379-version-negotiation-client
+
+[379-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[379-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-379]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[380-version-negotiation]
+ssl_conf = 380-version-negotiation-ssl
+
+[380-version-negotiation-ssl]
+server = 380-version-negotiation-server
+client = 380-version-negotiation-client
+
+[380-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[380-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-380]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[381-version-negotiation]
+ssl_conf = 381-version-negotiation-ssl
+
+[381-version-negotiation-ssl]
+server = 381-version-negotiation-server
+client = 381-version-negotiation-client
+
+[381-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[381-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-381]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[382-version-negotiation]
+ssl_conf = 382-version-negotiation-ssl
+
+[382-version-negotiation-ssl]
+server = 382-version-negotiation-server
+client = 382-version-negotiation-client
+
+[382-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[382-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-382]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[383-version-negotiation]
+ssl_conf = 383-version-negotiation-ssl
+
+[383-version-negotiation-ssl]
+server = 383-version-negotiation-server
+client = 383-version-negotiation-client
+
+[383-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[383-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-383]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[384-version-negotiation]
+ssl_conf = 384-version-negotiation-ssl
+
+[384-version-negotiation-ssl]
+server = 384-version-negotiation-server
+client = 384-version-negotiation-client
+
+[384-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[384-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-384]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[385-version-negotiation]
+ssl_conf = 385-version-negotiation-ssl
+
+[385-version-negotiation-ssl]
+server = 385-version-negotiation-server
+client = 385-version-negotiation-client
+
+[385-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[385-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-385]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[386-version-negotiation]
+ssl_conf = 386-version-negotiation-ssl
+
+[386-version-negotiation-ssl]
+server = 386-version-negotiation-server
+client = 386-version-negotiation-client
+
+[386-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[386-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-386]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[387-version-negotiation]
+ssl_conf = 387-version-negotiation-ssl
+
+[387-version-negotiation-ssl]
+server = 387-version-negotiation-server
+client = 387-version-negotiation-client
+
+[387-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[387-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-387]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[388-version-negotiation]
+ssl_conf = 388-version-negotiation-ssl
+
+[388-version-negotiation-ssl]
+server = 388-version-negotiation-server
+client = 388-version-negotiation-client
+
+[388-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[388-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-388]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[389-version-negotiation]
+ssl_conf = 389-version-negotiation-ssl
+
+[389-version-negotiation-ssl]
+server = 389-version-negotiation-server
+client = 389-version-negotiation-client
+
+[389-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[389-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-389]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[390-version-negotiation]
+ssl_conf = 390-version-negotiation-ssl
+
+[390-version-negotiation-ssl]
+server = 390-version-negotiation-server
+client = 390-version-negotiation-client
+
+[390-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[390-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-390]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[391-version-negotiation]
+ssl_conf = 391-version-negotiation-ssl
+
+[391-version-negotiation-ssl]
+server = 391-version-negotiation-server
+client = 391-version-negotiation-client
+
+[391-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[391-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-391]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[392-version-negotiation]
+ssl_conf = 392-version-negotiation-ssl
+
+[392-version-negotiation-ssl]
+server = 392-version-negotiation-server
+client = 392-version-negotiation-client
+
+[392-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[392-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-392]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[393-version-negotiation]
+ssl_conf = 393-version-negotiation-ssl
+
+[393-version-negotiation-ssl]
+server = 393-version-negotiation-server
+client = 393-version-negotiation-client
+
+[393-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[393-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-393]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[394-version-negotiation]
+ssl_conf = 394-version-negotiation-ssl
+
+[394-version-negotiation-ssl]
+server = 394-version-negotiation-server
+client = 394-version-negotiation-client
+
+[394-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[394-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-394]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[395-version-negotiation]
+ssl_conf = 395-version-negotiation-ssl
+
+[395-version-negotiation-ssl]
+server = 395-version-negotiation-server
+client = 395-version-negotiation-client
+
+[395-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[395-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-395]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[396-version-negotiation]
+ssl_conf = 396-version-negotiation-ssl
+
+[396-version-negotiation-ssl]
+server = 396-version-negotiation-server
+client = 396-version-negotiation-client
+
+[396-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[396-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-396]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[397-version-negotiation]
+ssl_conf = 397-version-negotiation-ssl
+
+[397-version-negotiation-ssl]
+server = 397-version-negotiation-server
+client = 397-version-negotiation-client
+
+[397-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[397-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-397]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[398-version-negotiation]
+ssl_conf = 398-version-negotiation-ssl
+
+[398-version-negotiation-ssl]
+server = 398-version-negotiation-server
+client = 398-version-negotiation-client
+
+[398-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[398-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-398]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[399-version-negotiation]
+ssl_conf = 399-version-negotiation-ssl
+
+[399-version-negotiation-ssl]
+server = 399-version-negotiation-server
+client = 399-version-negotiation-client
+
+[399-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[399-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-399]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[400-version-negotiation]
+ssl_conf = 400-version-negotiation-ssl
+
+[400-version-negotiation-ssl]
+server = 400-version-negotiation-server
+client = 400-version-negotiation-client
+
+[400-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[400-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-400]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[401-version-negotiation]
+ssl_conf = 401-version-negotiation-ssl
+
+[401-version-negotiation-ssl]
+server = 401-version-negotiation-server
+client = 401-version-negotiation-client
+
+[401-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[401-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-401]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[402-version-negotiation]
+ssl_conf = 402-version-negotiation-ssl
+
+[402-version-negotiation-ssl]
+server = 402-version-negotiation-server
+client = 402-version-negotiation-client
+
+[402-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[402-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-402]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[403-version-negotiation]
+ssl_conf = 403-version-negotiation-ssl
+
+[403-version-negotiation-ssl]
+server = 403-version-negotiation-server
+client = 403-version-negotiation-client
+
+[403-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[403-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-403]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[404-version-negotiation]
+ssl_conf = 404-version-negotiation-ssl
+
+[404-version-negotiation-ssl]
+server = 404-version-negotiation-server
+client = 404-version-negotiation-client
+
+[404-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[404-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-404]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[405-version-negotiation]
+ssl_conf = 405-version-negotiation-ssl
+
+[405-version-negotiation-ssl]
+server = 405-version-negotiation-server
+client = 405-version-negotiation-client
+
+[405-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[405-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-405]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[406-version-negotiation]
+ssl_conf = 406-version-negotiation-ssl
+
+[406-version-negotiation-ssl]
+server = 406-version-negotiation-server
+client = 406-version-negotiation-client
+
+[406-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[406-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-406]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[407-version-negotiation]
+ssl_conf = 407-version-negotiation-ssl
+
+[407-version-negotiation-ssl]
+server = 407-version-negotiation-server
+client = 407-version-negotiation-client
+
+[407-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[407-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-407]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[408-version-negotiation]
+ssl_conf = 408-version-negotiation-ssl
+
+[408-version-negotiation-ssl]
+server = 408-version-negotiation-server
+client = 408-version-negotiation-client
+
+[408-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[408-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-408]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[409-version-negotiation]
+ssl_conf = 409-version-negotiation-ssl
+
+[409-version-negotiation-ssl]
+server = 409-version-negotiation-server
+client = 409-version-negotiation-client
+
+[409-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[409-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-409]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[410-version-negotiation]
+ssl_conf = 410-version-negotiation-ssl
+
+[410-version-negotiation-ssl]
+server = 410-version-negotiation-server
+client = 410-version-negotiation-client
+
+[410-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[410-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-410]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[411-version-negotiation]
+ssl_conf = 411-version-negotiation-ssl
+
+[411-version-negotiation-ssl]
+server = 411-version-negotiation-server
+client = 411-version-negotiation-client
+
+[411-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[411-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-411]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[412-version-negotiation]
+ssl_conf = 412-version-negotiation-ssl
+
+[412-version-negotiation-ssl]
+server = 412-version-negotiation-server
+client = 412-version-negotiation-client
+
+[412-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[412-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-412]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[413-version-negotiation]
+ssl_conf = 413-version-negotiation-ssl
+
+[413-version-negotiation-ssl]
+server = 413-version-negotiation-server
+client = 413-version-negotiation-client
+
+[413-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[413-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-413]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[414-version-negotiation]
+ssl_conf = 414-version-negotiation-ssl
+
+[414-version-negotiation-ssl]
+server = 414-version-negotiation-server
+client = 414-version-negotiation-client
+
+[414-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[414-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-414]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[415-version-negotiation]
+ssl_conf = 415-version-negotiation-ssl
+
+[415-version-negotiation-ssl]
+server = 415-version-negotiation-server
+client = 415-version-negotiation-client
+
+[415-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[415-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-415]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[416-version-negotiation]
+ssl_conf = 416-version-negotiation-ssl
+
+[416-version-negotiation-ssl]
+server = 416-version-negotiation-server
+client = 416-version-negotiation-client
+
+[416-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[416-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-416]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[417-version-negotiation]
+ssl_conf = 417-version-negotiation-ssl
+
+[417-version-negotiation-ssl]
+server = 417-version-negotiation-server
+client = 417-version-negotiation-client
+
+[417-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[417-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-417]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[418-version-negotiation]
+ssl_conf = 418-version-negotiation-ssl
+
+[418-version-negotiation-ssl]
+server = 418-version-negotiation-server
+client = 418-version-negotiation-client
+
+[418-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[418-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-418]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[419-version-negotiation]
+ssl_conf = 419-version-negotiation-ssl
+
+[419-version-negotiation-ssl]
+server = 419-version-negotiation-server
+client = 419-version-negotiation-client
+
+[419-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[419-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-419]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[420-version-negotiation]
+ssl_conf = 420-version-negotiation-ssl
+
+[420-version-negotiation-ssl]
+server = 420-version-negotiation-server
+client = 420-version-negotiation-client
+
+[420-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[420-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-420]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[421-version-negotiation]
+ssl_conf = 421-version-negotiation-ssl
+
+[421-version-negotiation-ssl]
+server = 421-version-negotiation-server
+client = 421-version-negotiation-client
+
+[421-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[421-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-421]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[422-version-negotiation]
+ssl_conf = 422-version-negotiation-ssl
+
+[422-version-negotiation-ssl]
+server = 422-version-negotiation-server
+client = 422-version-negotiation-client
+
+[422-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[422-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-422]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[423-version-negotiation]
+ssl_conf = 423-version-negotiation-ssl
+
+[423-version-negotiation-ssl]
+server = 423-version-negotiation-server
+client = 423-version-negotiation-client
+
+[423-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[423-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-423]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[424-version-negotiation]
+ssl_conf = 424-version-negotiation-ssl
+
+[424-version-negotiation-ssl]
+server = 424-version-negotiation-server
+client = 424-version-negotiation-client
+
+[424-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[424-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-424]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[425-version-negotiation]
+ssl_conf = 425-version-negotiation-ssl
+
+[425-version-negotiation-ssl]
+server = 425-version-negotiation-server
+client = 425-version-negotiation-client
+
+[425-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[425-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-425]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[426-version-negotiation]
+ssl_conf = 426-version-negotiation-ssl
+
+[426-version-negotiation-ssl]
+server = 426-version-negotiation-server
+client = 426-version-negotiation-client
+
+[426-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[426-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-426]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[427-version-negotiation]
+ssl_conf = 427-version-negotiation-ssl
+
+[427-version-negotiation-ssl]
+server = 427-version-negotiation-server
+client = 427-version-negotiation-client
+
+[427-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[427-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-427]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[428-version-negotiation]
+ssl_conf = 428-version-negotiation-ssl
+
+[428-version-negotiation-ssl]
+server = 428-version-negotiation-server
+client = 428-version-negotiation-client
+
+[428-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[428-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-428]
+ExpectedProtocol = TLSv1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[429-version-negotiation]
+ssl_conf = 429-version-negotiation-ssl
+
+[429-version-negotiation-ssl]
+server = 429-version-negotiation-server
+client = 429-version-negotiation-client
+
+[429-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[429-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-429]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[430-version-negotiation]
+ssl_conf = 430-version-negotiation-ssl
+
+[430-version-negotiation-ssl]
+server = 430-version-negotiation-server
+client = 430-version-negotiation-client
+
+[430-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[430-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-430]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[431-version-negotiation]
+ssl_conf = 431-version-negotiation-ssl
+
+[431-version-negotiation-ssl]
+server = 431-version-negotiation-server
+client = 431-version-negotiation-client
+
+[431-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[431-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-431]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[432-version-negotiation]
+ssl_conf = 432-version-negotiation-ssl
+
+[432-version-negotiation-ssl]
+server = 432-version-negotiation-server
+client = 432-version-negotiation-client
+
+[432-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[432-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-432]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[433-version-negotiation]
+ssl_conf = 433-version-negotiation-ssl
+
+[433-version-negotiation-ssl]
+server = 433-version-negotiation-server
+client = 433-version-negotiation-client
+
+[433-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[433-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-433]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[434-version-negotiation]
+ssl_conf = 434-version-negotiation-ssl
+
+[434-version-negotiation-ssl]
+server = 434-version-negotiation-server
+client = 434-version-negotiation-client
+
+[434-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[434-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-434]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[435-version-negotiation]
+ssl_conf = 435-version-negotiation-ssl
+
+[435-version-negotiation-ssl]
+server = 435-version-negotiation-server
+client = 435-version-negotiation-client
+
+[435-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[435-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-435]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[436-version-negotiation]
+ssl_conf = 436-version-negotiation-ssl
+
+[436-version-negotiation-ssl]
+server = 436-version-negotiation-server
+client = 436-version-negotiation-client
+
+[436-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[436-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-436]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[437-version-negotiation]
+ssl_conf = 437-version-negotiation-ssl
+
+[437-version-negotiation-ssl]
+server = 437-version-negotiation-server
+client = 437-version-negotiation-client
+
+[437-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[437-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-437]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[438-version-negotiation]
+ssl_conf = 438-version-negotiation-ssl
+
+[438-version-negotiation-ssl]
+server = 438-version-negotiation-server
+client = 438-version-negotiation-client
+
+[438-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[438-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-438]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[439-version-negotiation]
+ssl_conf = 439-version-negotiation-ssl
+
+[439-version-negotiation-ssl]
+server = 439-version-negotiation-server
+client = 439-version-negotiation-client
+
+[439-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[439-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-439]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[440-version-negotiation]
+ssl_conf = 440-version-negotiation-ssl
+
+[440-version-negotiation-ssl]
+server = 440-version-negotiation-server
+client = 440-version-negotiation-client
+
+[440-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[440-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-440]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[441-version-negotiation]
+ssl_conf = 441-version-negotiation-ssl
+
+[441-version-negotiation-ssl]
+server = 441-version-negotiation-server
+client = 441-version-negotiation-client
+
+[441-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[441-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-441]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[442-version-negotiation]
+ssl_conf = 442-version-negotiation-ssl
+
+[442-version-negotiation-ssl]
+server = 442-version-negotiation-server
+client = 442-version-negotiation-client
+
+[442-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[442-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-442]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[443-version-negotiation]
+ssl_conf = 443-version-negotiation-ssl
+
+[443-version-negotiation-ssl]
+server = 443-version-negotiation-server
+client = 443-version-negotiation-client
+
+[443-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[443-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-443]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[444-version-negotiation]
+ssl_conf = 444-version-negotiation-ssl
+
+[444-version-negotiation-ssl]
+server = 444-version-negotiation-server
+client = 444-version-negotiation-client
+
+[444-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[444-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-444]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[445-version-negotiation]
+ssl_conf = 445-version-negotiation-ssl
+
+[445-version-negotiation-ssl]
+server = 445-version-negotiation-server
+client = 445-version-negotiation-client
+
+[445-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[445-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-445]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[446-version-negotiation]
+ssl_conf = 446-version-negotiation-ssl
+
+[446-version-negotiation-ssl]
+server = 446-version-negotiation-server
+client = 446-version-negotiation-client
+
+[446-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[446-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-446]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[447-version-negotiation]
+ssl_conf = 447-version-negotiation-ssl
+
+[447-version-negotiation-ssl]
+server = 447-version-negotiation-server
+client = 447-version-negotiation-client
+
+[447-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[447-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-447]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[448-version-negotiation]
+ssl_conf = 448-version-negotiation-ssl
+
+[448-version-negotiation-ssl]
+server = 448-version-negotiation-server
+client = 448-version-negotiation-client
+
+[448-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[448-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-448]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[449-version-negotiation]
+ssl_conf = 449-version-negotiation-ssl
+
+[449-version-negotiation-ssl]
+server = 449-version-negotiation-server
+client = 449-version-negotiation-client
+
+[449-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[449-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-449]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[450-version-negotiation]
+ssl_conf = 450-version-negotiation-ssl
+
+[450-version-negotiation-ssl]
+server = 450-version-negotiation-server
+client = 450-version-negotiation-client
+
+[450-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[450-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-450]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[451-version-negotiation]
+ssl_conf = 451-version-negotiation-ssl
+
+[451-version-negotiation-ssl]
+server = 451-version-negotiation-server
+client = 451-version-negotiation-client
+
+[451-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[451-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-451]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[452-version-negotiation]
+ssl_conf = 452-version-negotiation-ssl
+
+[452-version-negotiation-ssl]
+server = 452-version-negotiation-server
+client = 452-version-negotiation-client
+
+[452-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[452-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-452]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[453-version-negotiation]
+ssl_conf = 453-version-negotiation-ssl
+
+[453-version-negotiation-ssl]
+server = 453-version-negotiation-server
+client = 453-version-negotiation-client
+
+[453-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[453-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-453]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[454-version-negotiation]
+ssl_conf = 454-version-negotiation-ssl
+
+[454-version-negotiation-ssl]
+server = 454-version-negotiation-server
+client = 454-version-negotiation-client
+
+[454-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[454-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-454]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[455-version-negotiation]
+ssl_conf = 455-version-negotiation-ssl
+
+[455-version-negotiation-ssl]
+server = 455-version-negotiation-server
+client = 455-version-negotiation-client
+
+[455-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[455-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-455]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[456-version-negotiation]
+ssl_conf = 456-version-negotiation-ssl
+
+[456-version-negotiation-ssl]
+server = 456-version-negotiation-server
+client = 456-version-negotiation-client
+
+[456-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[456-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-456]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[457-version-negotiation]
+ssl_conf = 457-version-negotiation-ssl
+
+[457-version-negotiation-ssl]
+server = 457-version-negotiation-server
+client = 457-version-negotiation-client
+
+[457-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[457-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-457]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[458-version-negotiation]
+ssl_conf = 458-version-negotiation-ssl
+
+[458-version-negotiation-ssl]
+server = 458-version-negotiation-server
+client = 458-version-negotiation-client
+
+[458-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[458-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-458]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[459-version-negotiation]
+ssl_conf = 459-version-negotiation-ssl
+
+[459-version-negotiation-ssl]
+server = 459-version-negotiation-server
+client = 459-version-negotiation-client
+
+[459-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[459-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-459]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[460-version-negotiation]
+ssl_conf = 460-version-negotiation-ssl
+
+[460-version-negotiation-ssl]
+server = 460-version-negotiation-server
+client = 460-version-negotiation-client
+
+[460-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[460-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-460]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[461-version-negotiation]
+ssl_conf = 461-version-negotiation-ssl
+
+[461-version-negotiation-ssl]
+server = 461-version-negotiation-server
+client = 461-version-negotiation-client
+
+[461-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[461-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-461]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[462-version-negotiation]
+ssl_conf = 462-version-negotiation-ssl
+
+[462-version-negotiation-ssl]
+server = 462-version-negotiation-server
+client = 462-version-negotiation-client
+
+[462-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[462-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-462]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[463-version-negotiation]
+ssl_conf = 463-version-negotiation-ssl
+
+[463-version-negotiation-ssl]
+server = 463-version-negotiation-server
+client = 463-version-negotiation-client
+
+[463-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[463-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-463]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[464-version-negotiation]
+ssl_conf = 464-version-negotiation-ssl
+
+[464-version-negotiation-ssl]
+server = 464-version-negotiation-server
+client = 464-version-negotiation-client
+
+[464-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[464-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-464]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[465-version-negotiation]
+ssl_conf = 465-version-negotiation-ssl
+
+[465-version-negotiation-ssl]
+server = 465-version-negotiation-server
+client = 465-version-negotiation-client
+
+[465-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[465-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-465]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[466-version-negotiation]
+ssl_conf = 466-version-negotiation-ssl
+
+[466-version-negotiation-ssl]
+server = 466-version-negotiation-server
+client = 466-version-negotiation-client
+
+[466-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[466-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-466]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[467-version-negotiation]
+ssl_conf = 467-version-negotiation-ssl
+
+[467-version-negotiation-ssl]
+server = 467-version-negotiation-server
+client = 467-version-negotiation-client
+
+[467-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[467-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-467]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[468-version-negotiation]
+ssl_conf = 468-version-negotiation-ssl
+
+[468-version-negotiation-ssl]
+server = 468-version-negotiation-server
+client = 468-version-negotiation-client
+
+[468-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[468-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-468]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[469-version-negotiation]
+ssl_conf = 469-version-negotiation-ssl
+
+[469-version-negotiation-ssl]
+server = 469-version-negotiation-server
+client = 469-version-negotiation-client
+
+[469-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[469-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-469]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[470-version-negotiation]
+ssl_conf = 470-version-negotiation-ssl
+
+[470-version-negotiation-ssl]
+server = 470-version-negotiation-server
+client = 470-version-negotiation-client
+
+[470-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[470-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-470]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[471-version-negotiation]
+ssl_conf = 471-version-negotiation-ssl
+
+[471-version-negotiation-ssl]
+server = 471-version-negotiation-server
+client = 471-version-negotiation-client
+
+[471-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[471-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-471]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[472-version-negotiation]
+ssl_conf = 472-version-negotiation-ssl
+
+[472-version-negotiation-ssl]
+server = 472-version-negotiation-server
+client = 472-version-negotiation-client
+
+[472-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[472-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-472]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[473-version-negotiation]
+ssl_conf = 473-version-negotiation-ssl
+
+[473-version-negotiation-ssl]
+server = 473-version-negotiation-server
+client = 473-version-negotiation-client
+
+[473-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[473-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-473]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[474-version-negotiation]
+ssl_conf = 474-version-negotiation-ssl
+
+[474-version-negotiation-ssl]
+server = 474-version-negotiation-server
+client = 474-version-negotiation-client
+
+[474-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[474-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-474]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[475-version-negotiation]
+ssl_conf = 475-version-negotiation-ssl
+
+[475-version-negotiation-ssl]
+server = 475-version-negotiation-server
+client = 475-version-negotiation-client
+
+[475-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[475-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-475]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[476-version-negotiation]
+ssl_conf = 476-version-negotiation-ssl
+
+[476-version-negotiation-ssl]
+server = 476-version-negotiation-server
+client = 476-version-negotiation-client
+
+[476-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[476-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-476]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[477-version-negotiation]
+ssl_conf = 477-version-negotiation-ssl
+
+[477-version-negotiation-ssl]
+server = 477-version-negotiation-server
+client = 477-version-negotiation-client
+
+[477-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[477-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-477]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[478-version-negotiation]
+ssl_conf = 478-version-negotiation-ssl
+
+[478-version-negotiation-ssl]
+server = 478-version-negotiation-server
+client = 478-version-negotiation-client
+
+[478-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[478-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-478]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[479-version-negotiation]
+ssl_conf = 479-version-negotiation-ssl
+
+[479-version-negotiation-ssl]
+server = 479-version-negotiation-server
+client = 479-version-negotiation-client
+
+[479-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[479-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-479]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[480-version-negotiation]
+ssl_conf = 480-version-negotiation-ssl
+
+[480-version-negotiation-ssl]
+server = 480-version-negotiation-server
+client = 480-version-negotiation-client
+
+[480-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[480-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-480]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[481-version-negotiation]
+ssl_conf = 481-version-negotiation-ssl
+
+[481-version-negotiation-ssl]
+server = 481-version-negotiation-server
+client = 481-version-negotiation-client
+
+[481-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[481-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-481]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[482-version-negotiation]
+ssl_conf = 482-version-negotiation-ssl
+
+[482-version-negotiation-ssl]
+server = 482-version-negotiation-server
+client = 482-version-negotiation-client
+
+[482-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[482-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-482]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[483-version-negotiation]
+ssl_conf = 483-version-negotiation-ssl
+
+[483-version-negotiation-ssl]
+server = 483-version-negotiation-server
+client = 483-version-negotiation-client
+
+[483-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[483-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-483]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[484-version-negotiation]
+ssl_conf = 484-version-negotiation-ssl
+
+[484-version-negotiation-ssl]
+server = 484-version-negotiation-server
+client = 484-version-negotiation-client
+
+[484-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[484-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-484]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[485-version-negotiation]
+ssl_conf = 485-version-negotiation-ssl
+
+[485-version-negotiation-ssl]
+server = 485-version-negotiation-server
+client = 485-version-negotiation-client
+
+[485-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[485-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-485]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[486-version-negotiation]
+ssl_conf = 486-version-negotiation-ssl
+
+[486-version-negotiation-ssl]
+server = 486-version-negotiation-server
+client = 486-version-negotiation-client
+
+[486-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[486-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-486]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[487-version-negotiation]
+ssl_conf = 487-version-negotiation-ssl
+
+[487-version-negotiation-ssl]
+server = 487-version-negotiation-server
+client = 487-version-negotiation-client
+
+[487-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[487-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-487]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[488-version-negotiation]
+ssl_conf = 488-version-negotiation-ssl
+
+[488-version-negotiation-ssl]
+server = 488-version-negotiation-server
+client = 488-version-negotiation-client
+
+[488-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[488-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-488]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[489-version-negotiation]
+ssl_conf = 489-version-negotiation-ssl
+
+[489-version-negotiation-ssl]
+server = 489-version-negotiation-server
+client = 489-version-negotiation-client
+
+[489-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[489-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-489]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[490-version-negotiation]
+ssl_conf = 490-version-negotiation-ssl
+
+[490-version-negotiation-ssl]
+server = 490-version-negotiation-server
+client = 490-version-negotiation-client
+
+[490-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[490-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-490]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[491-version-negotiation]
+ssl_conf = 491-version-negotiation-ssl
+
+[491-version-negotiation-ssl]
+server = 491-version-negotiation-server
+client = 491-version-negotiation-client
+
+[491-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[491-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-491]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[492-version-negotiation]
+ssl_conf = 492-version-negotiation-ssl
+
+[492-version-negotiation-ssl]
+server = 492-version-negotiation-server
+client = 492-version-negotiation-client
+
+[492-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[492-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-492]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[493-version-negotiation]
+ssl_conf = 493-version-negotiation-ssl
+
+[493-version-negotiation-ssl]
+server = 493-version-negotiation-server
+client = 493-version-negotiation-client
+
+[493-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[493-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-493]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[494-version-negotiation]
+ssl_conf = 494-version-negotiation-ssl
+
+[494-version-negotiation-ssl]
+server = 494-version-negotiation-server
+client = 494-version-negotiation-client
+
+[494-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[494-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-494]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[495-version-negotiation]
+ssl_conf = 495-version-negotiation-ssl
+
+[495-version-negotiation-ssl]
+server = 495-version-negotiation-server
+client = 495-version-negotiation-client
+
+[495-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[495-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-495]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[496-version-negotiation]
+ssl_conf = 496-version-negotiation-ssl
+
+[496-version-negotiation-ssl]
+server = 496-version-negotiation-server
+client = 496-version-negotiation-client
+
+[496-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[496-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-496]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[497-version-negotiation]
+ssl_conf = 497-version-negotiation-ssl
+
+[497-version-negotiation-ssl]
+server = 497-version-negotiation-server
+client = 497-version-negotiation-client
+
+[497-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[497-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-497]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[498-version-negotiation]
+ssl_conf = 498-version-negotiation-ssl
+
+[498-version-negotiation-ssl]
+server = 498-version-negotiation-server
+client = 498-version-negotiation-client
+
+[498-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[498-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-498]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[499-version-negotiation]
+ssl_conf = 499-version-negotiation-ssl
+
+[499-version-negotiation-ssl]
+server = 499-version-negotiation-server
+client = 499-version-negotiation-client
+
+[499-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[499-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-499]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[500-version-negotiation]
+ssl_conf = 500-version-negotiation-ssl
+
+[500-version-negotiation-ssl]
+server = 500-version-negotiation-server
+client = 500-version-negotiation-client
+
+[500-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[500-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-500]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[501-version-negotiation]
+ssl_conf = 501-version-negotiation-ssl
+
+[501-version-negotiation-ssl]
+server = 501-version-negotiation-server
+client = 501-version-negotiation-client
+
+[501-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[501-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-501]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[502-version-negotiation]
+ssl_conf = 502-version-negotiation-ssl
+
+[502-version-negotiation-ssl]
+server = 502-version-negotiation-server
+client = 502-version-negotiation-client
+
+[502-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[502-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-502]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[503-version-negotiation]
+ssl_conf = 503-version-negotiation-ssl
+
+[503-version-negotiation-ssl]
+server = 503-version-negotiation-server
+client = 503-version-negotiation-client
+
+[503-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[503-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-503]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[504-version-negotiation]
+ssl_conf = 504-version-negotiation-ssl
+
+[504-version-negotiation-ssl]
+server = 504-version-negotiation-server
+client = 504-version-negotiation-client
+
+[504-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[504-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-504]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[505-version-negotiation]
+ssl_conf = 505-version-negotiation-ssl
+
+[505-version-negotiation-ssl]
+server = 505-version-negotiation-server
+client = 505-version-negotiation-client
+
+[505-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[505-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-505]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[506-version-negotiation]
+ssl_conf = 506-version-negotiation-ssl
+
+[506-version-negotiation-ssl]
+server = 506-version-negotiation-server
+client = 506-version-negotiation-client
+
+[506-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[506-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-506]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[507-version-negotiation]
+ssl_conf = 507-version-negotiation-ssl
+
+[507-version-negotiation-ssl]
+server = 507-version-negotiation-server
+client = 507-version-negotiation-client
+
+[507-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[507-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-507]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[508-version-negotiation]
+ssl_conf = 508-version-negotiation-ssl
+
+[508-version-negotiation-ssl]
+server = 508-version-negotiation-server
+client = 508-version-negotiation-client
+
+[508-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[508-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-508]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[509-version-negotiation]
+ssl_conf = 509-version-negotiation-ssl
+
+[509-version-negotiation-ssl]
+server = 509-version-negotiation-server
+client = 509-version-negotiation-client
+
+[509-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[509-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-509]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[510-version-negotiation]
+ssl_conf = 510-version-negotiation-ssl
+
+[510-version-negotiation-ssl]
+server = 510-version-negotiation-server
+client = 510-version-negotiation-client
+
+[510-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[510-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-510]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[511-version-negotiation]
+ssl_conf = 511-version-negotiation-ssl
+
+[511-version-negotiation-ssl]
+server = 511-version-negotiation-server
+client = 511-version-negotiation-client
+
+[511-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[511-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-511]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[512-version-negotiation]
+ssl_conf = 512-version-negotiation-ssl
+
+[512-version-negotiation-ssl]
+server = 512-version-negotiation-server
+client = 512-version-negotiation-client
+
+[512-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[512-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-512]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[513-version-negotiation]
+ssl_conf = 513-version-negotiation-ssl
+
+[513-version-negotiation-ssl]
+server = 513-version-negotiation-server
+client = 513-version-negotiation-client
+
+[513-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[513-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-513]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[514-version-negotiation]
+ssl_conf = 514-version-negotiation-ssl
+
+[514-version-negotiation-ssl]
+server = 514-version-negotiation-server
+client = 514-version-negotiation-client
+
+[514-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[514-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-514]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[515-version-negotiation]
+ssl_conf = 515-version-negotiation-ssl
+
+[515-version-negotiation-ssl]
+server = 515-version-negotiation-server
+client = 515-version-negotiation-client
+
+[515-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[515-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-515]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[516-version-negotiation]
+ssl_conf = 516-version-negotiation-ssl
+
+[516-version-negotiation-ssl]
+server = 516-version-negotiation-server
+client = 516-version-negotiation-client
+
+[516-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[516-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-516]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[517-version-negotiation]
+ssl_conf = 517-version-negotiation-ssl
+
+[517-version-negotiation-ssl]
+server = 517-version-negotiation-server
+client = 517-version-negotiation-client
+
+[517-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[517-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-517]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[518-version-negotiation]
+ssl_conf = 518-version-negotiation-ssl
+
+[518-version-negotiation-ssl]
+server = 518-version-negotiation-server
+client = 518-version-negotiation-client
+
+[518-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[518-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-518]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[519-version-negotiation]
+ssl_conf = 519-version-negotiation-ssl
+
+[519-version-negotiation-ssl]
+server = 519-version-negotiation-server
+client = 519-version-negotiation-client
+
+[519-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[519-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-519]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[520-version-negotiation]
+ssl_conf = 520-version-negotiation-ssl
+
+[520-version-negotiation-ssl]
+server = 520-version-negotiation-server
+client = 520-version-negotiation-client
+
+[520-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[520-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-520]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[521-version-negotiation]
+ssl_conf = 521-version-negotiation-ssl
+
+[521-version-negotiation-ssl]
+server = 521-version-negotiation-server
+client = 521-version-negotiation-client
+
+[521-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[521-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-521]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[522-version-negotiation]
+ssl_conf = 522-version-negotiation-ssl
+
+[522-version-negotiation-ssl]
+server = 522-version-negotiation-server
+client = 522-version-negotiation-client
+
+[522-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[522-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-522]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[523-version-negotiation]
+ssl_conf = 523-version-negotiation-ssl
+
+[523-version-negotiation-ssl]
+server = 523-version-negotiation-server
+client = 523-version-negotiation-client
+
+[523-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[523-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-523]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[524-version-negotiation]
+ssl_conf = 524-version-negotiation-ssl
+
+[524-version-negotiation-ssl]
+server = 524-version-negotiation-server
+client = 524-version-negotiation-client
+
+[524-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[524-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-524]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[525-version-negotiation]
+ssl_conf = 525-version-negotiation-ssl
+
+[525-version-negotiation-ssl]
+server = 525-version-negotiation-server
+client = 525-version-negotiation-client
+
+[525-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[525-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-525]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[526-version-negotiation]
+ssl_conf = 526-version-negotiation-ssl
+
+[526-version-negotiation-ssl]
+server = 526-version-negotiation-server
+client = 526-version-negotiation-client
+
+[526-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[526-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-526]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[527-version-negotiation]
+ssl_conf = 527-version-negotiation-ssl
+
+[527-version-negotiation-ssl]
+server = 527-version-negotiation-server
+client = 527-version-negotiation-client
+
+[527-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[527-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-527]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[528-version-negotiation]
+ssl_conf = 528-version-negotiation-ssl
+
+[528-version-negotiation-ssl]
+server = 528-version-negotiation-server
+client = 528-version-negotiation-client
+
+[528-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[528-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-528]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[529-version-negotiation]
+ssl_conf = 529-version-negotiation-ssl
+
+[529-version-negotiation-ssl]
+server = 529-version-negotiation-server
+client = 529-version-negotiation-client
+
+[529-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[529-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-529]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
+# ===========================================================
+
+[530-version-negotiation]
+ssl_conf = 530-version-negotiation-ssl
+
+[530-version-negotiation-ssl]
+server = 530-version-negotiation-server
+client = 530-version-negotiation-client
+
+[530-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[530-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-530]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[531-version-negotiation]
+ssl_conf = 531-version-negotiation-ssl
+
+[531-version-negotiation-ssl]
+server = 531-version-negotiation-server
+client = 531-version-negotiation-client
+
+[531-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[531-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-531]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[532-version-negotiation]
+ssl_conf = 532-version-negotiation-ssl
+
+[532-version-negotiation-ssl]
+server = 532-version-negotiation-server
+client = 532-version-negotiation-client
+
+[532-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[532-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-532]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[533-version-negotiation]
+ssl_conf = 533-version-negotiation-ssl
+
+[533-version-negotiation-ssl]
+server = 533-version-negotiation-server
+client = 533-version-negotiation-client
+
+[533-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[533-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-533]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[534-version-negotiation]
+ssl_conf = 534-version-negotiation-ssl
+
+[534-version-negotiation-ssl]
+server = 534-version-negotiation-server
+client = 534-version-negotiation-client
+
+[534-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[534-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-534]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[535-version-negotiation]
+ssl_conf = 535-version-negotiation-ssl
+
+[535-version-negotiation-ssl]
+server = 535-version-negotiation-server
+client = 535-version-negotiation-client
+
+[535-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[535-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-535]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[536-version-negotiation]
+ssl_conf = 536-version-negotiation-ssl
+
+[536-version-negotiation-ssl]
+server = 536-version-negotiation-server
+client = 536-version-negotiation-client
+
+[536-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[536-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-536]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[537-version-negotiation]
+ssl_conf = 537-version-negotiation-ssl
+
+[537-version-negotiation-ssl]
+server = 537-version-negotiation-server
+client = 537-version-negotiation-client
+
+[537-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[537-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-537]
+ExpectedProtocol = TLSv1.1
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[538-version-negotiation]
+ssl_conf = 538-version-negotiation-ssl
+
+[538-version-negotiation-ssl]
+server = 538-version-negotiation-server
+client = 538-version-negotiation-client
+
+[538-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[538-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-538]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[539-version-negotiation]
+ssl_conf = 539-version-negotiation-ssl
+
+[539-version-negotiation-ssl]
+server = 539-version-negotiation-server
+client = 539-version-negotiation-client
+
+[539-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[539-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-539]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[540-version-negotiation]
+ssl_conf = 540-version-negotiation-ssl
+
+[540-version-negotiation-ssl]
+server = 540-version-negotiation-server
+client = 540-version-negotiation-client
+
+[540-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[540-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-540]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[541-version-negotiation]
+ssl_conf = 541-version-negotiation-ssl
+
+[541-version-negotiation-ssl]
+server = 541-version-negotiation-server
+client = 541-version-negotiation-client
+
+[541-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[541-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-541]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[542-version-negotiation]
+ssl_conf = 542-version-negotiation-ssl
+
+[542-version-negotiation-ssl]
+server = 542-version-negotiation-server
+client = 542-version-negotiation-client
+
+[542-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[542-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-542]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[543-version-negotiation]
+ssl_conf = 543-version-negotiation-ssl
+
+[543-version-negotiation-ssl]
+server = 543-version-negotiation-server
+client = 543-version-negotiation-client
+
+[543-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[543-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-543]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[544-version-negotiation]
+ssl_conf = 544-version-negotiation-ssl
+
+[544-version-negotiation-ssl]
+server = 544-version-negotiation-server
+client = 544-version-negotiation-client
+
+[544-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[544-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-544]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[545-version-negotiation]
+ssl_conf = 545-version-negotiation-ssl
+
+[545-version-negotiation-ssl]
+server = 545-version-negotiation-server
+client = 545-version-negotiation-client
+
+[545-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[545-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-545]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[546-version-negotiation]
+ssl_conf = 546-version-negotiation-ssl
+
+[546-version-negotiation-ssl]
+server = 546-version-negotiation-server
+client = 546-version-negotiation-client
+
+[546-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[546-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-546]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[547-version-negotiation]
+ssl_conf = 547-version-negotiation-ssl
+
+[547-version-negotiation-ssl]
+server = 547-version-negotiation-server
+client = 547-version-negotiation-client
+
+[547-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[547-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-547]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[548-version-negotiation]
+ssl_conf = 548-version-negotiation-ssl
+
+[548-version-negotiation-ssl]
+server = 548-version-negotiation-server
+client = 548-version-negotiation-client
+
+[548-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[548-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-548]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[549-version-negotiation]
+ssl_conf = 549-version-negotiation-ssl
+
+[549-version-negotiation-ssl]
+server = 549-version-negotiation-server
+client = 549-version-negotiation-client
+
+[549-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[549-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-549]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[550-version-negotiation]
+ssl_conf = 550-version-negotiation-ssl
+
+[550-version-negotiation-ssl]
+server = 550-version-negotiation-server
+client = 550-version-negotiation-client
+
+[550-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[550-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-550]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[551-version-negotiation]
+ssl_conf = 551-version-negotiation-ssl
+
+[551-version-negotiation-ssl]
+server = 551-version-negotiation-server
+client = 551-version-negotiation-client
+
+[551-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[551-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-551]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[552-version-negotiation]
+ssl_conf = 552-version-negotiation-ssl
+
+[552-version-negotiation-ssl]
+server = 552-version-negotiation-server
+client = 552-version-negotiation-client
+
+[552-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[552-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-552]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[553-version-negotiation]
+ssl_conf = 553-version-negotiation-ssl
+
+[553-version-negotiation-ssl]
+server = 553-version-negotiation-server
+client = 553-version-negotiation-client
+
+[553-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[553-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-553]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[554-version-negotiation]
+ssl_conf = 554-version-negotiation-ssl
+
+[554-version-negotiation-ssl]
+server = 554-version-negotiation-server
+client = 554-version-negotiation-client
+
+[554-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[554-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-554]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[555-version-negotiation]
+ssl_conf = 555-version-negotiation-ssl
+
+[555-version-negotiation-ssl]
+server = 555-version-negotiation-server
+client = 555-version-negotiation-client
+
+[555-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[555-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-555]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[556-version-negotiation]
+ssl_conf = 556-version-negotiation-ssl
+
+[556-version-negotiation-ssl]
+server = 556-version-negotiation-server
+client = 556-version-negotiation-client
+
+[556-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[556-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-556]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[557-version-negotiation]
+ssl_conf = 557-version-negotiation-ssl
+
+[557-version-negotiation-ssl]
+server = 557-version-negotiation-server
+client = 557-version-negotiation-client
+
+[557-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[557-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-557]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[558-version-negotiation]
+ssl_conf = 558-version-negotiation-ssl
+
+[558-version-negotiation-ssl]
+server = 558-version-negotiation-server
+client = 558-version-negotiation-client
+
+[558-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[558-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-558]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[559-version-negotiation]
+ssl_conf = 559-version-negotiation-ssl
+
+[559-version-negotiation-ssl]
+server = 559-version-negotiation-server
+client = 559-version-negotiation-client
+
+[559-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[559-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-559]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[560-version-negotiation]
+ssl_conf = 560-version-negotiation-ssl
+
+[560-version-negotiation-ssl]
+server = 560-version-negotiation-server
+client = 560-version-negotiation-client
+
+[560-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[560-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-560]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[561-version-negotiation]
+ssl_conf = 561-version-negotiation-ssl
+
+[561-version-negotiation-ssl]
+server = 561-version-negotiation-server
+client = 561-version-negotiation-client
+
+[561-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[561-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-561]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[562-version-negotiation]
+ssl_conf = 562-version-negotiation-ssl
+
+[562-version-negotiation-ssl]
+server = 562-version-negotiation-server
+client = 562-version-negotiation-client
+
+[562-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[562-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-562]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[563-version-negotiation]
+ssl_conf = 563-version-negotiation-ssl
+
+[563-version-negotiation-ssl]
+server = 563-version-negotiation-server
+client = 563-version-negotiation-client
+
+[563-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[563-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-563]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[564-version-negotiation]
+ssl_conf = 564-version-negotiation-ssl
+
+[564-version-negotiation-ssl]
+server = 564-version-negotiation-server
+client = 564-version-negotiation-client
+
+[564-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[564-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-564]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[565-version-negotiation]
+ssl_conf = 565-version-negotiation-ssl
+
+[565-version-negotiation-ssl]
+server = 565-version-negotiation-server
+client = 565-version-negotiation-client
+
+[565-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[565-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-565]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[566-version-negotiation]
+ssl_conf = 566-version-negotiation-ssl
+
+[566-version-negotiation-ssl]
+server = 566-version-negotiation-server
+client = 566-version-negotiation-client
+
+[566-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[566-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-566]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[567-version-negotiation]
+ssl_conf = 567-version-negotiation-ssl
+
+[567-version-negotiation-ssl]
+server = 567-version-negotiation-server
+client = 567-version-negotiation-client
+
+[567-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[567-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-567]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[568-version-negotiation]
+ssl_conf = 568-version-negotiation-ssl
+
+[568-version-negotiation-ssl]
+server = 568-version-negotiation-server
+client = 568-version-negotiation-client
+
+[568-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[568-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-568]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[569-version-negotiation]
+ssl_conf = 569-version-negotiation-ssl
+
+[569-version-negotiation-ssl]
+server = 569-version-negotiation-server
+client = 569-version-negotiation-client
+
+[569-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[569-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-569]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[570-version-negotiation]
+ssl_conf = 570-version-negotiation-ssl
+
+[570-version-negotiation-ssl]
+server = 570-version-negotiation-server
+client = 570-version-negotiation-client
+
+[570-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[570-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-570]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[571-version-negotiation]
+ssl_conf = 571-version-negotiation-ssl
+
+[571-version-negotiation-ssl]
+server = 571-version-negotiation-server
+client = 571-version-negotiation-client
+
+[571-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[571-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-571]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[572-version-negotiation]
+ssl_conf = 572-version-negotiation-ssl
+
+[572-version-negotiation-ssl]
+server = 572-version-negotiation-server
+client = 572-version-negotiation-client
+
+[572-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[572-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-572]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[573-version-negotiation]
+ssl_conf = 573-version-negotiation-ssl
+
+[573-version-negotiation-ssl]
+server = 573-version-negotiation-server
+client = 573-version-negotiation-client
+
+[573-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[573-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-573]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[574-version-negotiation]
+ssl_conf = 574-version-negotiation-ssl
+
+[574-version-negotiation-ssl]
+server = 574-version-negotiation-server
+client = 574-version-negotiation-client
+
+[574-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[574-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-574]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[575-version-negotiation]
+ssl_conf = 575-version-negotiation-ssl
+
+[575-version-negotiation-ssl]
+server = 575-version-negotiation-server
+client = 575-version-negotiation-client
+
+[575-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[575-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-575]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[576-version-negotiation]
+ssl_conf = 576-version-negotiation-ssl
+
+[576-version-negotiation-ssl]
+server = 576-version-negotiation-server
+client = 576-version-negotiation-client
+
+[576-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[576-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-576]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[577-version-negotiation]
+ssl_conf = 577-version-negotiation-ssl
+
+[577-version-negotiation-ssl]
+server = 577-version-negotiation-server
+client = 577-version-negotiation-client
+
+[577-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[577-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-577]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[578-version-negotiation]
+ssl_conf = 578-version-negotiation-ssl
+
+[578-version-negotiation-ssl]
+server = 578-version-negotiation-server
+client = 578-version-negotiation-client
+
+[578-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[578-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-578]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[579-version-negotiation]
+ssl_conf = 579-version-negotiation-ssl
+
+[579-version-negotiation-ssl]
+server = 579-version-negotiation-server
+client = 579-version-negotiation-client
+
+[579-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[579-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-579]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[580-version-negotiation]
+ssl_conf = 580-version-negotiation-ssl
+
+[580-version-negotiation-ssl]
+server = 580-version-negotiation-server
+client = 580-version-negotiation-client
+
+[580-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[580-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-580]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[581-version-negotiation]
+ssl_conf = 581-version-negotiation-ssl
+
+[581-version-negotiation-ssl]
+server = 581-version-negotiation-server
+client = 581-version-negotiation-client
+
+[581-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[581-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-581]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[582-version-negotiation]
+ssl_conf = 582-version-negotiation-ssl
+
+[582-version-negotiation-ssl]
+server = 582-version-negotiation-server
+client = 582-version-negotiation-client
+
+[582-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[582-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-582]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[583-version-negotiation]
+ssl_conf = 583-version-negotiation-ssl
+
+[583-version-negotiation-ssl]
+server = 583-version-negotiation-server
+client = 583-version-negotiation-client
+
+[583-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[583-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-583]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[584-version-negotiation]
+ssl_conf = 584-version-negotiation-ssl
+
+[584-version-negotiation-ssl]
+server = 584-version-negotiation-server
+client = 584-version-negotiation-client
+
+[584-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[584-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-584]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[585-version-negotiation]
+ssl_conf = 585-version-negotiation-ssl
+
+[585-version-negotiation-ssl]
+server = 585-version-negotiation-server
+client = 585-version-negotiation-client
+
+[585-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[585-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-585]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[586-version-negotiation]
+ssl_conf = 586-version-negotiation-ssl
+
+[586-version-negotiation-ssl]
+server = 586-version-negotiation-server
+client = 586-version-negotiation-client
+
+[586-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[586-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-586]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[587-version-negotiation]
+ssl_conf = 587-version-negotiation-ssl
+
+[587-version-negotiation-ssl]
+server = 587-version-negotiation-server
+client = 587-version-negotiation-client
+
+[587-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[587-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-587]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[588-version-negotiation]
+ssl_conf = 588-version-negotiation-ssl
+
+[588-version-negotiation-ssl]
+server = 588-version-negotiation-server
+client = 588-version-negotiation-client
+
+[588-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[588-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-588]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[589-version-negotiation]
+ssl_conf = 589-version-negotiation-ssl
+
+[589-version-negotiation-ssl]
+server = 589-version-negotiation-server
+client = 589-version-negotiation-client
+
+[589-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[589-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-589]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[590-version-negotiation]
+ssl_conf = 590-version-negotiation-ssl
+
+[590-version-negotiation-ssl]
+server = 590-version-negotiation-server
+client = 590-version-negotiation-client
+
+[590-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[590-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-590]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[591-version-negotiation]
+ssl_conf = 591-version-negotiation-ssl
+
+[591-version-negotiation-ssl]
+server = 591-version-negotiation-server
+client = 591-version-negotiation-client
+
+[591-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[591-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-591]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[592-version-negotiation]
+ssl_conf = 592-version-negotiation-ssl
+
+[592-version-negotiation-ssl]
+server = 592-version-negotiation-server
+client = 592-version-negotiation-client
+
+[592-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[592-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-592]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[593-version-negotiation]
+ssl_conf = 593-version-negotiation-ssl
+
+[593-version-negotiation-ssl]
+server = 593-version-negotiation-server
+client = 593-version-negotiation-client
+
+[593-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[593-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-593]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[594-version-negotiation]
+ssl_conf = 594-version-negotiation-ssl
+
+[594-version-negotiation-ssl]
+server = 594-version-negotiation-server
+client = 594-version-negotiation-client
+
+[594-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[594-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-594]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[595-version-negotiation]
+ssl_conf = 595-version-negotiation-ssl
+
+[595-version-negotiation-ssl]
+server = 595-version-negotiation-server
+client = 595-version-negotiation-client
+
+[595-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[595-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-595]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[596-version-negotiation]
+ssl_conf = 596-version-negotiation-ssl
+
+[596-version-negotiation-ssl]
+server = 596-version-negotiation-server
+client = 596-version-negotiation-client
+
+[596-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[596-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-596]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[597-version-negotiation]
+ssl_conf = 597-version-negotiation-ssl
+
+[597-version-negotiation-ssl]
+server = 597-version-negotiation-server
+client = 597-version-negotiation-client
+
+[597-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[597-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-597]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[598-version-negotiation]
+ssl_conf = 598-version-negotiation-ssl
+
+[598-version-negotiation-ssl]
+server = 598-version-negotiation-server
+client = 598-version-negotiation-client
+
+[598-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[598-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-598]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[599-version-negotiation]
+ssl_conf = 599-version-negotiation-ssl
+
+[599-version-negotiation-ssl]
+server = 599-version-negotiation-server
+client = 599-version-negotiation-client
+
+[599-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[599-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-599]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[600-version-negotiation]
+ssl_conf = 600-version-negotiation-ssl
+
+[600-version-negotiation-ssl]
+server = 600-version-negotiation-server
+client = 600-version-negotiation-client
+
+[600-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[600-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-600]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[601-version-negotiation]
+ssl_conf = 601-version-negotiation-ssl
+
+[601-version-negotiation-ssl]
+server = 601-version-negotiation-server
+client = 601-version-negotiation-client
+
+[601-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[601-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-601]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[602-version-negotiation]
+ssl_conf = 602-version-negotiation-ssl
+
+[602-version-negotiation-ssl]
+server = 602-version-negotiation-server
+client = 602-version-negotiation-client
+
+[602-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[602-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-602]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[603-version-negotiation]
+ssl_conf = 603-version-negotiation-ssl
+
+[603-version-negotiation-ssl]
+server = 603-version-negotiation-server
+client = 603-version-negotiation-client
+
+[603-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[603-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-603]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[604-version-negotiation]
+ssl_conf = 604-version-negotiation-ssl
+
+[604-version-negotiation-ssl]
+server = 604-version-negotiation-server
+client = 604-version-negotiation-client
+
+[604-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[604-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-604]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[605-version-negotiation]
+ssl_conf = 605-version-negotiation-ssl
+
+[605-version-negotiation-ssl]
+server = 605-version-negotiation-server
+client = 605-version-negotiation-client
+
+[605-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[605-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-605]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[606-version-negotiation]
+ssl_conf = 606-version-negotiation-ssl
+
+[606-version-negotiation-ssl]
+server = 606-version-negotiation-server
+client = 606-version-negotiation-client
+
+[606-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[606-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-606]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[607-version-negotiation]
+ssl_conf = 607-version-negotiation-ssl
+
+[607-version-negotiation-ssl]
+server = 607-version-negotiation-server
+client = 607-version-negotiation-client
+
+[607-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[607-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-607]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[608-version-negotiation]
+ssl_conf = 608-version-negotiation-ssl
+
+[608-version-negotiation-ssl]
+server = 608-version-negotiation-server
+client = 608-version-negotiation-client
+
+[608-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[608-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-608]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[609-version-negotiation]
+ssl_conf = 609-version-negotiation-ssl
+
+[609-version-negotiation-ssl]
+server = 609-version-negotiation-server
+client = 609-version-negotiation-client
+
+[609-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[609-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-609]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[610-version-negotiation]
+ssl_conf = 610-version-negotiation-ssl
+
+[610-version-negotiation-ssl]
+server = 610-version-negotiation-server
+client = 610-version-negotiation-client
+
+[610-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[610-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-610]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[611-version-negotiation]
+ssl_conf = 611-version-negotiation-ssl
+
+[611-version-negotiation-ssl]
+server = 611-version-negotiation-server
+client = 611-version-negotiation-client
+
+[611-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[611-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-611]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[612-version-negotiation]
+ssl_conf = 612-version-negotiation-ssl
+
+[612-version-negotiation-ssl]
+server = 612-version-negotiation-server
+client = 612-version-negotiation-client
+
+[612-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[612-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-612]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[613-version-negotiation]
+ssl_conf = 613-version-negotiation-ssl
+
+[613-version-negotiation-ssl]
+server = 613-version-negotiation-server
+client = 613-version-negotiation-client
+
+[613-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[613-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-613]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[614-version-negotiation]
+ssl_conf = 614-version-negotiation-ssl
+
+[614-version-negotiation-ssl]
+server = 614-version-negotiation-server
+client = 614-version-negotiation-client
+
+[614-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[614-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-614]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[615-version-negotiation]
+ssl_conf = 615-version-negotiation-ssl
+
+[615-version-negotiation-ssl]
+server = 615-version-negotiation-server
+client = 615-version-negotiation-client
+
+[615-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[615-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-615]
+ExpectedResult = ClientFail
+
+
+# ===========================================================
+
+[616-version-negotiation]
+ssl_conf = 616-version-negotiation-ssl
+
+[616-version-negotiation-ssl]
+server = 616-version-negotiation-server
+client = 616-version-negotiation-client
+
+[616-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[616-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-616]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[617-version-negotiation]
+ssl_conf = 617-version-negotiation-ssl
+
+[617-version-negotiation-ssl]
+server = 617-version-negotiation-server
+client = 617-version-negotiation-client
+
+[617-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[617-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-617]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[618-version-negotiation]
+ssl_conf = 618-version-negotiation-ssl
+
+[618-version-negotiation-ssl]
+server = 618-version-negotiation-server
+client = 618-version-negotiation-client
+
+[618-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[618-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-618]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[619-version-negotiation]
+ssl_conf = 619-version-negotiation-ssl
+
+[619-version-negotiation-ssl]
+server = 619-version-negotiation-server
+client = 619-version-negotiation-client
+
+[619-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[619-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-619]
+ExpectedProtocol = TLSv1.2
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[620-version-negotiation]
+ssl_conf = 620-version-negotiation-ssl
+
+[620-version-negotiation-ssl]
+server = 620-version-negotiation-server
+client = 620-version-negotiation-client
+
+[620-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[620-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-620]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[621-version-negotiation]
+ssl_conf = 621-version-negotiation-ssl
+
+[621-version-negotiation-ssl]
+server = 621-version-negotiation-server
+client = 621-version-negotiation-client
+
+[621-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[621-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-621]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[622-version-negotiation]
+ssl_conf = 622-version-negotiation-ssl
+
+[622-version-negotiation-ssl]
+server = 622-version-negotiation-server
+client = 622-version-negotiation-client
+
+[622-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[622-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-622]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[623-version-negotiation]
+ssl_conf = 623-version-negotiation-ssl
+
+[623-version-negotiation-ssl]
+server = 623-version-negotiation-server
+client = 623-version-negotiation-client
+
+[623-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[623-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-623]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[624-version-negotiation]
+ssl_conf = 624-version-negotiation-ssl
+
+[624-version-negotiation-ssl]
+server = 624-version-negotiation-server
+client = 624-version-negotiation-client
+
+[624-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[624-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-624]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[625-version-negotiation]
+ssl_conf = 625-version-negotiation-ssl
+
+[625-version-negotiation-ssl]
+server = 625-version-negotiation-server
+client = 625-version-negotiation-client
+
+[625-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[625-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-625]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[626-version-negotiation]
+ssl_conf = 626-version-negotiation-ssl
+
+[626-version-negotiation-ssl]
+server = 626-version-negotiation-server
+client = 626-version-negotiation-client
+
+[626-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[626-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-626]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[627-version-negotiation]
+ssl_conf = 627-version-negotiation-ssl
+
+[627-version-negotiation-ssl]
+server = 627-version-negotiation-server
+client = 627-version-negotiation-client
+
+[627-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[627-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-627]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[628-version-negotiation]
+ssl_conf = 628-version-negotiation-ssl
+
+[628-version-negotiation-ssl]
+server = 628-version-negotiation-server
+client = 628-version-negotiation-client
+
+[628-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[628-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-628]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[629-version-negotiation]
+ssl_conf = 629-version-negotiation-ssl
+
+[629-version-negotiation-ssl]
+server = 629-version-negotiation-server
+client = 629-version-negotiation-client
+
+[629-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[629-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-629]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[630-version-negotiation]
+ssl_conf = 630-version-negotiation-ssl
+
+[630-version-negotiation-ssl]
+server = 630-version-negotiation-server
+client = 630-version-negotiation-client
+
+[630-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[630-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-630]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[631-version-negotiation]
+ssl_conf = 631-version-negotiation-ssl
+
+[631-version-negotiation-ssl]
+server = 631-version-negotiation-server
+client = 631-version-negotiation-client
+
+[631-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[631-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-631]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[632-version-negotiation]
+ssl_conf = 632-version-negotiation-ssl
+
+[632-version-negotiation-ssl]
+server = 632-version-negotiation-server
+client = 632-version-negotiation-client
+
+[632-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[632-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-632]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[633-version-negotiation]
+ssl_conf = 633-version-negotiation-ssl
+
+[633-version-negotiation-ssl]
+server = 633-version-negotiation-server
+client = 633-version-negotiation-client
+
+[633-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[633-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-633]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[634-version-negotiation]
+ssl_conf = 634-version-negotiation-ssl
+
+[634-version-negotiation-ssl]
+server = 634-version-negotiation-server
+client = 634-version-negotiation-client
+
+[634-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[634-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-634]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[635-version-negotiation]
+ssl_conf = 635-version-negotiation-ssl
+
+[635-version-negotiation-ssl]
+server = 635-version-negotiation-server
+client = 635-version-negotiation-client
+
+[635-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[635-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-635]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[636-version-negotiation]
+ssl_conf = 636-version-negotiation-ssl
+
+[636-version-negotiation-ssl]
+server = 636-version-negotiation-server
+client = 636-version-negotiation-client
+
+[636-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[636-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-636]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[637-version-negotiation]
+ssl_conf = 637-version-negotiation-ssl
+
+[637-version-negotiation-ssl]
+server = 637-version-negotiation-server
+client = 637-version-negotiation-client
+
+[637-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[637-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-637]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[638-version-negotiation]
+ssl_conf = 638-version-negotiation-ssl
+
+[638-version-negotiation-ssl]
+server = 638-version-negotiation-server
+client = 638-version-negotiation-client
+
+[638-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[638-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-638]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[639-version-negotiation]
+ssl_conf = 639-version-negotiation-ssl
+
+[639-version-negotiation-ssl]
+server = 639-version-negotiation-server
+client = 639-version-negotiation-client
+
+[639-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[639-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-639]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[640-version-negotiation]
+ssl_conf = 640-version-negotiation-ssl
+
+[640-version-negotiation-ssl]
+server = 640-version-negotiation-server
+client = 640-version-negotiation-client
+
+[640-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[640-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-640]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[641-version-negotiation]
+ssl_conf = 641-version-negotiation-ssl
+
+[641-version-negotiation-ssl]
+server = 641-version-negotiation-server
+client = 641-version-negotiation-client
+
+[641-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[641-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-641]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[642-version-negotiation]
+ssl_conf = 642-version-negotiation-ssl
+
+[642-version-negotiation-ssl]
+server = 642-version-negotiation-server
+client = 642-version-negotiation-client
+
+[642-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[642-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-642]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[643-version-negotiation]
+ssl_conf = 643-version-negotiation-ssl
+
+[643-version-negotiation-ssl]
+server = 643-version-negotiation-server
+client = 643-version-negotiation-client
+
+[643-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[643-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-643]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[644-version-negotiation]
+ssl_conf = 644-version-negotiation-ssl
+
+[644-version-negotiation-ssl]
+server = 644-version-negotiation-server
+client = 644-version-negotiation-client
+
+[644-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[644-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-644]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[645-version-negotiation]
+ssl_conf = 645-version-negotiation-ssl
+
+[645-version-negotiation-ssl]
+server = 645-version-negotiation-server
+client = 645-version-negotiation-client
+
+[645-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[645-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-645]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[646-version-negotiation]
+ssl_conf = 646-version-negotiation-ssl
+
+[646-version-negotiation-ssl]
+server = 646-version-negotiation-server
+client = 646-version-negotiation-client
+
+[646-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[646-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-646]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[647-version-negotiation]
+ssl_conf = 647-version-negotiation-ssl
+
+[647-version-negotiation-ssl]
+server = 647-version-negotiation-server
+client = 647-version-negotiation-client
+
+[647-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[647-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-647]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[648-version-negotiation]
+ssl_conf = 648-version-negotiation-ssl
+
+[648-version-negotiation-ssl]
+server = 648-version-negotiation-server
+client = 648-version-negotiation-client
+
+[648-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[648-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-648]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[649-version-negotiation]
+ssl_conf = 649-version-negotiation-ssl
+
+[649-version-negotiation-ssl]
+server = 649-version-negotiation-server
+client = 649-version-negotiation-client
+
+[649-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[649-version-negotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-649]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[650-version-negotiation]
+ssl_conf = 650-version-negotiation-ssl
+
+[650-version-negotiation-ssl]
+server = 650-version-negotiation-server
+client = 650-version-negotiation-client
+
+[650-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[650-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-650]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[651-version-negotiation]
+ssl_conf = 651-version-negotiation-ssl
+
+[651-version-negotiation-ssl]
+server = 651-version-negotiation-server
+client = 651-version-negotiation-client
+
+[651-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[651-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-651]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[652-version-negotiation]
+ssl_conf = 652-version-negotiation-ssl
+
+[652-version-negotiation-ssl]
+server = 652-version-negotiation-server
+client = 652-version-negotiation-client
+
+[652-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[652-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-652]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[653-version-negotiation]
+ssl_conf = 653-version-negotiation-ssl
+
+[653-version-negotiation-ssl]
+server = 653-version-negotiation-server
+client = 653-version-negotiation-client
+
+[653-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[653-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-653]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[654-version-negotiation]
+ssl_conf = 654-version-negotiation-ssl
+
+[654-version-negotiation-ssl]
+server = 654-version-negotiation-server
+client = 654-version-negotiation-client
+
+[654-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[654-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-654]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[655-version-negotiation]
+ssl_conf = 655-version-negotiation-ssl
+
+[655-version-negotiation-ssl]
+server = 655-version-negotiation-server
+client = 655-version-negotiation-client
+
+[655-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[655-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-655]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[656-version-negotiation]
+ssl_conf = 656-version-negotiation-ssl
+
+[656-version-negotiation-ssl]
+server = 656-version-negotiation-server
+client = 656-version-negotiation-client
+
+[656-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = SSLv3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[656-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-656]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[657-version-negotiation]
+ssl_conf = 657-version-negotiation-ssl
+
+[657-version-negotiation-ssl]
+server = 657-version-negotiation-server
+client = 657-version-negotiation-client
+
+[657-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[657-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-657]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[658-version-negotiation]
+ssl_conf = 658-version-negotiation-ssl
+
+[658-version-negotiation-ssl]
+server = 658-version-negotiation-server
+client = 658-version-negotiation-client
+
+[658-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[658-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-658]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[659-version-negotiation]
+ssl_conf = 659-version-negotiation-ssl
+
+[659-version-negotiation-ssl]
+server = 659-version-negotiation-server
+client = 659-version-negotiation-client
+
+[659-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[659-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-659]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[660-version-negotiation]
+ssl_conf = 660-version-negotiation-ssl
+
+[660-version-negotiation-ssl]
+server = 660-version-negotiation-server
+client = 660-version-negotiation-client
+
+[660-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[660-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-660]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[661-version-negotiation]
+ssl_conf = 661-version-negotiation-ssl
+
+[661-version-negotiation-ssl]
+server = 661-version-negotiation-server
+client = 661-version-negotiation-client
+
+[661-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = SSLv3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[661-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-661]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[662-version-negotiation]
+ssl_conf = 662-version-negotiation-ssl
+
+[662-version-negotiation-ssl]
+server = 662-version-negotiation-server
+client = 662-version-negotiation-client
+
+[662-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[662-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-662]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[663-version-negotiation]
+ssl_conf = 663-version-negotiation-ssl
+
+[663-version-negotiation-ssl]
+server = 663-version-negotiation-server
+client = 663-version-negotiation-client
+
+[663-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[663-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-663]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[664-version-negotiation]
+ssl_conf = 664-version-negotiation-ssl
+
+[664-version-negotiation-ssl]
+server = 664-version-negotiation-server
+client = 664-version-negotiation-client
+
+[664-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[664-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-664]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[665-version-negotiation]
+ssl_conf = 665-version-negotiation-ssl
+
+[665-version-negotiation-ssl]
+server = 665-version-negotiation-server
+client = 665-version-negotiation-client
+
+[665-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[665-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-665]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[666-version-negotiation]
+ssl_conf = 666-version-negotiation-ssl
+
+[666-version-negotiation-ssl]
+server = 666-version-negotiation-server
+client = 666-version-negotiation-client
+
+[666-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[666-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-666]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[667-version-negotiation]
+ssl_conf = 667-version-negotiation-ssl
+
+[667-version-negotiation-ssl]
+server = 667-version-negotiation-server
+client = 667-version-negotiation-client
+
+[667-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[667-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-667]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[668-version-negotiation]
+ssl_conf = 668-version-negotiation-ssl
+
+[668-version-negotiation-ssl]
+server = 668-version-negotiation-server
+client = 668-version-negotiation-client
+
+[668-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[668-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-668]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[669-version-negotiation]
+ssl_conf = 669-version-negotiation-ssl
+
+[669-version-negotiation-ssl]
+server = 669-version-negotiation-server
+client = 669-version-negotiation-client
+
+[669-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[669-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-669]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[670-version-negotiation]
+ssl_conf = 670-version-negotiation-ssl
+
+[670-version-negotiation-ssl]
+server = 670-version-negotiation-server
+client = 670-version-negotiation-client
+
+[670-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[670-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-670]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[671-version-negotiation]
+ssl_conf = 671-version-negotiation-ssl
+
+[671-version-negotiation-ssl]
+server = 671-version-negotiation-server
+client = 671-version-negotiation-client
+
+[671-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[671-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-671]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[672-version-negotiation]
+ssl_conf = 672-version-negotiation-ssl
+
+[672-version-negotiation-ssl]
+server = 672-version-negotiation-server
+client = 672-version-negotiation-client
+
+[672-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[672-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-672]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[673-version-negotiation]
+ssl_conf = 673-version-negotiation-ssl
+
+[673-version-negotiation-ssl]
+server = 673-version-negotiation-server
+client = 673-version-negotiation-client
+
+[673-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[673-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-673]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[674-version-negotiation]
+ssl_conf = 674-version-negotiation-ssl
+
+[674-version-negotiation-ssl]
+server = 674-version-negotiation-server
+client = 674-version-negotiation-client
+
+[674-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[674-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-674]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[675-version-negotiation]
+ssl_conf = 675-version-negotiation-ssl
+
+[675-version-negotiation-ssl]
+server = 675-version-negotiation-server
+client = 675-version-negotiation-client
+
+[675-version-negotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[675-version-negotiation-client]
+CipherString = DEFAULT
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-675]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
diff --git a/test/ssl-tests/10-resumption.conf b/test/ssl-tests/10-resumption.conf
index b2deee4209..0a58f48f62 100644
--- a/test/ssl-tests/10-resumption.conf
+++ b/test/ssl-tests/10-resumption.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 36
+num_tests = 64
test-0 = 0-resumption
test-1 = 1-resumption
@@ -38,6 +38,34 @@ test-32 = 32-resumption
test-33 = 33-resumption
test-34 = 34-resumption
test-35 = 35-resumption
+test-36 = 36-resumption
+test-37 = 37-resumption
+test-38 = 38-resumption
+test-39 = 39-resumption
+test-40 = 40-resumption
+test-41 = 41-resumption
+test-42 = 42-resumption
+test-43 = 43-resumption
+test-44 = 44-resumption
+test-45 = 45-resumption
+test-46 = 46-resumption
+test-47 = 47-resumption
+test-48 = 48-resumption
+test-49 = 49-resumption
+test-50 = 50-resumption
+test-51 = 51-resumption
+test-52 = 52-resumption
+test-53 = 53-resumption
+test-54 = 54-resumption
+test-55 = 55-resumption
+test-56 = 56-resumption
+test-57 = 57-resumption
+test-58 = 58-resumption
+test-59 = 59-resumption
+test-60 = 60-resumption
+test-61 = 61-resumption
+test-62 = 62-resumption
+test-63 = 63-resumption
# ===========================================================
[0-resumption]
@@ -268,15 +296,15 @@ resume-client = 6-resumption-client
[6-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-resumption-client]
@@ -285,7 +313,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-6]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -304,15 +332,15 @@ resume-client = 7-resumption-client
[7-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-resumption-client]
@@ -321,7 +349,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-7]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -348,7 +376,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-resumption-client]
@@ -357,9 +385,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-8]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -384,7 +412,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-resumption-client]
@@ -393,9 +421,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-9]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -420,7 +448,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-resumption-client]
@@ -429,9 +457,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-10]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -456,7 +484,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-resumption-client]
@@ -465,9 +493,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-11]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -484,15 +512,15 @@ resume-client = 12-resumption-client
[12-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-resumption-client]
@@ -501,7 +529,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-12]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
ResumptionExpected = No
@@ -520,15 +548,15 @@ resume-client = 13-resumption-client
[13-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-resumption-client]
@@ -537,7 +565,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-13]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
ResumptionExpected = No
@@ -556,15 +584,15 @@ resume-client = 14-resumption-client
[14-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-resumption-client]
@@ -573,7 +601,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-14]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -592,15 +620,15 @@ resume-client = 15-resumption-client
[15-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-resumption-client]
@@ -609,7 +637,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-15]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -636,7 +664,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-resumption-client]
@@ -645,9 +673,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-16]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -672,7 +700,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-resumption-client]
@@ -681,9 +709,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-17]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -694,32 +722,32 @@ ssl_conf = 18-resumption-ssl
[18-resumption-ssl]
server = 18-resumption-server
client = 18-resumption-client
-resume-server = 18-resumption-server
-resume-client = 18-resumption-resume-client
+resume-server = 18-resumption-resume-server
+resume-client = 18-resumption-client
[18-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[18-resumption-client]
+[18-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[18-resumption-resume-client]
+[18-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-18]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -730,32 +758,32 @@ ssl_conf = 19-resumption-ssl
[19-resumption-ssl]
server = 19-resumption-server
client = 19-resumption-client
-resume-server = 19-resumption-server
-resume-client = 19-resumption-resume-client
+resume-server = 19-resumption-resume-server
+resume-client = 19-resumption-client
[19-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[19-resumption-client]
+[19-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[19-resumption-resume-client]
+[19-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-19]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -766,32 +794,32 @@ ssl_conf = 20-resumption-ssl
[20-resumption-ssl]
server = 20-resumption-server
client = 20-resumption-client
-resume-server = 20-resumption-server
-resume-client = 20-resumption-resume-client
+resume-server = 20-resumption-resume-server
+resume-client = 20-resumption-client
[20-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[20-resumption-client]
+[20-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[20-resumption-resume-client]
+[20-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-20]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -802,32 +830,32 @@ ssl_conf = 21-resumption-ssl
[21-resumption-ssl]
server = 21-resumption-server
client = 21-resumption-client
-resume-server = 21-resumption-server
-resume-client = 21-resumption-resume-client
+resume-server = 21-resumption-resume-server
+resume-client = 21-resumption-client
[21-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[21-resumption-client]
+[21-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[21-resumption-resume-client]
+[21-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-21]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -838,30 +866,30 @@ ssl_conf = 22-resumption-ssl
[22-resumption-ssl]
server = 22-resumption-server
client = 22-resumption-client
-resume-server = 22-resumption-server
-resume-client = 22-resumption-resume-client
+resume-server = 22-resumption-resume-server
+resume-client = 22-resumption-client
[22-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-resumption-client]
+[22-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-resumption-resume-client]
+[22-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-22]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -874,30 +902,30 @@ ssl_conf = 23-resumption-ssl
[23-resumption-ssl]
server = 23-resumption-server
client = 23-resumption-client
-resume-server = 23-resumption-server
-resume-client = 23-resumption-resume-client
+resume-server = 23-resumption-resume-server
+resume-client = 23-resumption-client
[23-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[23-resumption-client]
+[23-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[23-resumption-resume-client]
+[23-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-23]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -910,25 +938,25 @@ ssl_conf = 24-resumption-ssl
[24-resumption-ssl]
server = 24-resumption-server
client = 24-resumption-client
-resume-server = 24-resumption-server
-resume-client = 24-resumption-resume-client
+resume-server = 24-resumption-resume-server
+resume-client = 24-resumption-client
[24-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[24-resumption-client]
+[24-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[24-resumption-resume-client]
+[24-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -946,25 +974,25 @@ ssl_conf = 25-resumption-ssl
[25-resumption-ssl]
server = 25-resumption-server
client = 25-resumption-client
-resume-server = 25-resumption-server
-resume-client = 25-resumption-resume-client
+resume-server = 25-resumption-resume-server
+resume-client = 25-resumption-client
[25-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[25-resumption-client]
+[25-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[25-resumption-resume-client]
+[25-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -982,32 +1010,32 @@ ssl_conf = 26-resumption-ssl
[26-resumption-ssl]
server = 26-resumption-server
client = 26-resumption-client
-resume-server = 26-resumption-server
-resume-client = 26-resumption-resume-client
+resume-server = 26-resumption-resume-server
+resume-client = 26-resumption-client
[26-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[26-resumption-client]
+[26-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[26-resumption-resume-client]
+[26-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-26]
ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1018,32 +1046,32 @@ ssl_conf = 27-resumption-ssl
[27-resumption-ssl]
server = 27-resumption-server
client = 27-resumption-client
-resume-server = 27-resumption-server
-resume-client = 27-resumption-resume-client
+resume-server = 27-resumption-resume-server
+resume-client = 27-resumption-client
[27-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[27-resumption-client]
+[27-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[27-resumption-resume-client]
+[27-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-27]
ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1054,25 +1082,25 @@ ssl_conf = 28-resumption-ssl
[28-resumption-ssl]
server = 28-resumption-server
client = 28-resumption-client
-resume-server = 28-resumption-server
-resume-client = 28-resumption-resume-client
+resume-server = 28-resumption-resume-server
+resume-client = 28-resumption-client
[28-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[28-resumption-client]
+[28-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[28-resumption-resume-client]
+[28-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1090,25 +1118,25 @@ ssl_conf = 29-resumption-ssl
[29-resumption-ssl]
server = 29-resumption-server
client = 29-resumption-client
-resume-server = 29-resumption-server
-resume-client = 29-resumption-resume-client
+resume-server = 29-resumption-resume-server
+resume-client = 29-resumption-client
[29-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[29-resumption-client]
+[29-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[29-resumption-resume-client]
+[29-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1126,32 +1154,32 @@ ssl_conf = 30-resumption-ssl
[30-resumption-ssl]
server = 30-resumption-server
client = 30-resumption-client
-resume-server = 30-resumption-server
-resume-client = 30-resumption-resume-client
+resume-server = 30-resumption-resume-server
+resume-client = 30-resumption-client
[30-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[30-resumption-client]
+[30-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[30-resumption-resume-client]
+[30-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-30]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1162,32 +1190,32 @@ ssl_conf = 31-resumption-ssl
[31-resumption-ssl]
server = 31-resumption-server
client = 31-resumption-client
-resume-server = 31-resumption-server
-resume-client = 31-resumption-resume-client
+resume-server = 31-resumption-resume-server
+resume-client = 31-resumption-client
[31-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[31-resumption-client]
+[31-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[31-resumption-resume-client]
+[31-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-31]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1209,21 +1237,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[32-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[32-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-32]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1245,21 +1273,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[33-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[33-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-33]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1281,21 +1309,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[34-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[34-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-34]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1317,20 +1345,1028 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[35-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[35-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-35]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[36-resumption]
+ssl_conf = 36-resumption-ssl
+
+[36-resumption-ssl]
+server = 36-resumption-server
+client = 36-resumption-client
+resume-server = 36-resumption-server
+resume-client = 36-resumption-resume-client
+
+[36-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[36-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[36-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-36]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[37-resumption]
+ssl_conf = 37-resumption-ssl
+
+[37-resumption-ssl]
+server = 37-resumption-server
+client = 37-resumption-client
+resume-server = 37-resumption-server
+resume-client = 37-resumption-resume-client
+
+[37-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[37-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[37-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-37]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[38-resumption]
+ssl_conf = 38-resumption-ssl
+
+[38-resumption-ssl]
+server = 38-resumption-server
+client = 38-resumption-client
+resume-server = 38-resumption-server
+resume-client = 38-resumption-resume-client
+
+[38-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[38-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[38-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-38]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[39-resumption]
+ssl_conf = 39-resumption-ssl
+
+[39-resumption-ssl]
+server = 39-resumption-server
+client = 39-resumption-client
+resume-server = 39-resumption-server
+resume-client = 39-resumption-resume-client
+
+[39-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[39-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[39-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-39]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[40-resumption]
+ssl_conf = 40-resumption-ssl
+
+[40-resumption-ssl]
+server = 40-resumption-server
+client = 40-resumption-client
+resume-server = 40-resumption-server
+resume-client = 40-resumption-resume-client
+
+[40-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[40-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[40-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-40]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[41-resumption]
+ssl_conf = 41-resumption-ssl
+
+[41-resumption-ssl]
+server = 41-resumption-server
+client = 41-resumption-client
+resume-server = 41-resumption-server
+resume-client = 41-resumption-resume-client
+
+[41-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[41-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[41-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-41]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[42-resumption]
+ssl_conf = 42-resumption-ssl
+
+[42-resumption-ssl]
+server = 42-resumption-server
+client = 42-resumption-client
+resume-server = 42-resumption-server
+resume-client = 42-resumption-resume-client
+
+[42-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[42-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[42-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-42]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[43-resumption]
+ssl_conf = 43-resumption-ssl
+
+[43-resumption-ssl]
+server = 43-resumption-server
+client = 43-resumption-client
+resume-server = 43-resumption-server
+resume-client = 43-resumption-resume-client
+
+[43-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[43-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[43-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-43]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[44-resumption]
+ssl_conf = 44-resumption-ssl
+
+[44-resumption-ssl]
+server = 44-resumption-server
+client = 44-resumption-client
+resume-server = 44-resumption-server
+resume-client = 44-resumption-resume-client
+
+[44-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[44-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[44-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-44]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[45-resumption]
+ssl_conf = 45-resumption-ssl
+
+[45-resumption-ssl]
+server = 45-resumption-server
+client = 45-resumption-client
+resume-server = 45-resumption-server
+resume-client = 45-resumption-resume-client
+
+[45-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[45-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[45-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-45]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[46-resumption]
+ssl_conf = 46-resumption-ssl
+
+[46-resumption-ssl]
+server = 46-resumption-server
+client = 46-resumption-client
+resume-server = 46-resumption-server
+resume-client = 46-resumption-resume-client
+
+[46-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[46-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[46-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-46]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[47-resumption]
+ssl_conf = 47-resumption-ssl
+
+[47-resumption-ssl]
+server = 47-resumption-server
+client = 47-resumption-client
+resume-server = 47-resumption-server
+resume-client = 47-resumption-resume-client
+
+[47-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[47-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[47-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-47]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[48-resumption]
+ssl_conf = 48-resumption-ssl
+
+[48-resumption-ssl]
+server = 48-resumption-server
+client = 48-resumption-client
+resume-server = 48-resumption-server
+resume-client = 48-resumption-resume-client
+
+[48-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[48-resumption-client]
+CipherString = DEFAULT
MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[35-resumption-resume-client]
+[48-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-48]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[49-resumption]
+ssl_conf = 49-resumption-ssl
+
+[49-resumption-ssl]
+server = 49-resumption-server
+client = 49-resumption-client
+resume-server = 49-resumption-server
+resume-client = 49-resumption-resume-client
+
+[49-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[49-resumption-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-35]
+[49-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-49]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[50-resumption]
+ssl_conf = 50-resumption-ssl
+
+[50-resumption-ssl]
+server = 50-resumption-server
+client = 50-resumption-client
+resume-server = 50-resumption-server
+resume-client = 50-resumption-resume-client
+
+[50-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[50-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[50-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-50]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[51-resumption]
+ssl_conf = 51-resumption-ssl
+
+[51-resumption-ssl]
+server = 51-resumption-server
+client = 51-resumption-client
+resume-server = 51-resumption-server
+resume-client = 51-resumption-resume-client
+
+[51-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[51-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[51-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-51]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[52-resumption]
+ssl_conf = 52-resumption-ssl
+
+[52-resumption-ssl]
+server = 52-resumption-server
+client = 52-resumption-client
+resume-server = 52-resumption-server
+resume-client = 52-resumption-resume-client
+
+[52-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[52-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[52-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-52]
ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
ResumptionExpected = Yes
+# ===========================================================
+
+[53-resumption]
+ssl_conf = 53-resumption-ssl
+
+[53-resumption-ssl]
+server = 53-resumption-server
+client = 53-resumption-client
+resume-server = 53-resumption-server
+resume-client = 53-resumption-resume-client
+
+[53-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[53-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[53-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-53]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[54-resumption]
+ssl_conf = 54-resumption-ssl
+
+[54-resumption-ssl]
+server = 54-resumption-server
+client = 54-resumption-client
+resume-server = 54-resumption-server
+resume-client = 54-resumption-resume-client
+
+[54-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[54-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[54-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-54]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[55-resumption]
+ssl_conf = 55-resumption-ssl
+
+[55-resumption-ssl]
+server = 55-resumption-server
+client = 55-resumption-client
+resume-server = 55-resumption-server
+resume-client = 55-resumption-resume-client
+
+[55-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[55-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[55-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-55]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[56-resumption]
+ssl_conf = 56-resumption-ssl
+
+[56-resumption-ssl]
+server = 56-resumption-server
+client = 56-resumption-client
+resume-server = 56-resumption-server
+resume-client = 56-resumption-resume-client
+
+[56-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[56-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[56-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-56]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[57-resumption]
+ssl_conf = 57-resumption-ssl
+
+[57-resumption-ssl]
+server = 57-resumption-server
+client = 57-resumption-client
+resume-server = 57-resumption-server
+resume-client = 57-resumption-resume-client
+
+[57-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[57-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[57-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-57]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[58-resumption]
+ssl_conf = 58-resumption-ssl
+
+[58-resumption-ssl]
+server = 58-resumption-server
+client = 58-resumption-client
+resume-server = 58-resumption-server
+resume-client = 58-resumption-resume-client
+
+[58-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[58-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[58-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-58]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[59-resumption]
+ssl_conf = 59-resumption-ssl
+
+[59-resumption-ssl]
+server = 59-resumption-server
+client = 59-resumption-client
+resume-server = 59-resumption-server
+resume-client = 59-resumption-resume-client
+
+[59-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[59-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[59-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-59]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[60-resumption]
+ssl_conf = 60-resumption-ssl
+
+[60-resumption-ssl]
+server = 60-resumption-server
+client = 60-resumption-client
+resume-server = 60-resumption-server
+resume-client = 60-resumption-resume-client
+
+[60-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[60-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[60-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-60]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[61-resumption]
+ssl_conf = 61-resumption-ssl
+
+[61-resumption-ssl]
+server = 61-resumption-server
+client = 61-resumption-client
+resume-server = 61-resumption-server
+resume-client = 61-resumption-resume-client
+
+[61-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[61-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[61-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-61]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[62-resumption]
+ssl_conf = 62-resumption-ssl
+
+[62-resumption-ssl]
+server = 62-resumption-server
+client = 62-resumption-client
+resume-server = 62-resumption-server
+resume-client = 62-resumption-resume-client
+
+[62-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[62-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[62-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-62]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[63-resumption]
+ssl_conf = 63-resumption-ssl
+
+[63-resumption-ssl]
+server = 63-resumption-server
+client = 63-resumption-client
+resume-server = 63-resumption-server
+resume-client = 63-resumption-resume-client
+
+[63-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[63-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[63-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-63]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
diff --git a/test/ssl-tests/13-fragmentation.conf b/test/ssl-tests/13-fragmentation.conf
index 4c1e9e2b33..14aec20f70 100644
--- a/test/ssl-tests/13-fragmentation.conf
+++ b/test/ssl-tests/13-fragmentation.conf
@@ -267,6 +267,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-large-app-data-aes-sha1-multibuffer-client]
CipherString = AES128-SHA
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -291,6 +292,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-large-app-data-aes-sha2-multibuffer-client]
CipherString = AES128-SHA256
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -315,6 +317,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-large-app-data-aes-sha1-multibuffer-odd-fragment-client]
CipherString = AES128-SHA
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -339,6 +342,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-large-app-data-aes-sha2-multibuffer-odd-fragment-client]
CipherString = AES128-SHA256
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -363,6 +367,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-small-app-data-aes-sha1-multibuffer-client]
CipherString = AES128-SHA
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -387,6 +392,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-small-app-data-aes-sha2-multibuffer-client]
CipherString = AES128-SHA256
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
diff --git a/test/ssl-tests/13-fragmentation.conf.in b/test/ssl-tests/13-fragmentation.conf.in
index 645163ca89..ae6446ed34 100644
--- a/test/ssl-tests/13-fragmentation.conf.in
+++ b/test/ssl-tests/13-fragmentation.conf.in
@@ -114,6 +114,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024,
@@ -125,6 +126,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024,
@@ -136,6 +138,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024 + 3,
@@ -147,6 +150,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 1024 * 1024 - 3,
@@ -161,6 +165,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 4 * 1024,
@@ -172,6 +177,7 @@ our @tests = (
server => { },
client => {
CipherString => "AES128-SHA256",
+ MaxProtocol => "TLSv1.2"
},
test => {
ApplicationData => 4 * 1024,
diff --git a/test/ssl-tests/14-curves.conf b/test/ssl-tests/14-curves.conf
index d4c19c7a70..17d00b58a7 100644
--- a/test/ssl-tests/14-curves.conf
+++ b/test/ssl-tests/14-curves.conf
@@ -44,6 +44,7 @@ client = 0-curve-sect163k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[0-curve-sect163k1-client]
@@ -69,6 +70,7 @@ client = 1-curve-sect163r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[1-curve-sect163r1-client]
@@ -94,6 +96,7 @@ client = 2-curve-sect163r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect163r2
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[2-curve-sect163r2-client]
@@ -119,6 +122,7 @@ client = 3-curve-sect193r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect193r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[3-curve-sect193r1-client]
@@ -144,6 +148,7 @@ client = 4-curve-sect193r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect193r2
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[4-curve-sect193r2-client]
@@ -169,6 +174,7 @@ client = 5-curve-sect233k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect233k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[5-curve-sect233k1-client]
@@ -194,6 +200,7 @@ client = 6-curve-sect233r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect233r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-curve-sect233r1-client]
@@ -219,6 +226,7 @@ client = 7-curve-sect239k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect239k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-curve-sect239k1-client]
@@ -244,6 +252,7 @@ client = 8-curve-sect283k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect283k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-curve-sect283k1-client]
@@ -269,6 +278,7 @@ client = 9-curve-sect283r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect283r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-curve-sect283r1-client]
@@ -294,6 +304,7 @@ client = 10-curve-sect409k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect409k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-curve-sect409k1-client]
@@ -319,6 +330,7 @@ client = 11-curve-sect409r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect409r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-curve-sect409r1-client]
@@ -344,6 +356,7 @@ client = 12-curve-sect571k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect571k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-curve-sect571k1-client]
@@ -369,6 +382,7 @@ client = 13-curve-sect571r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = sect571r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-curve-sect571r1-client]
@@ -394,6 +408,7 @@ client = 14-curve-secp160k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-curve-secp160k1-client]
@@ -419,6 +434,7 @@ client = 15-curve-secp160r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-curve-secp160r1-client]
@@ -444,6 +460,7 @@ client = 16-curve-secp160r2-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp160r2
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-curve-secp160r2-client]
@@ -469,6 +486,7 @@ client = 17-curve-secp192k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp192k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-curve-secp192k1-client]
@@ -494,6 +512,7 @@ client = 18-curve-prime192v1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = prime192v1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[18-curve-prime192v1-client]
@@ -519,6 +538,7 @@ client = 19-curve-secp224k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp224k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[19-curve-secp224k1-client]
@@ -544,6 +564,7 @@ client = 20-curve-secp224r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp224r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[20-curve-secp224r1-client]
@@ -569,6 +590,7 @@ client = 21-curve-secp256k1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp256k1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[21-curve-secp256k1-client]
@@ -594,6 +616,7 @@ client = 22-curve-prime256v1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = prime256v1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[22-curve-prime256v1-client]
@@ -619,6 +642,7 @@ client = 23-curve-secp384r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp384r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[23-curve-secp384r1-client]
@@ -644,6 +668,7 @@ client = 24-curve-secp521r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = secp521r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[24-curve-secp521r1-client]
@@ -669,6 +694,7 @@ client = 25-curve-brainpoolP256r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP256r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[25-curve-brainpoolP256r1-client]
@@ -694,6 +720,7 @@ client = 26-curve-brainpoolP384r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP384r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[26-curve-brainpoolP384r1-client]
@@ -719,6 +746,7 @@ client = 27-curve-brainpoolP512r1-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = brainpoolP512r1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[27-curve-brainpoolP512r1-client]
@@ -744,6 +772,7 @@ client = 28-curve-X25519-client
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Curves = X25519
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[28-curve-X25519-client]
diff --git a/test/ssl-tests/14-curves.conf.in b/test/ssl-tests/14-curves.conf.in
index f39ff7d22a..dec2be210c 100644
--- a/test/ssl-tests/14-curves.conf.in
+++ b/test/ssl-tests/14-curves.conf.in
@@ -27,7 +27,9 @@ sub generate_tests() {
push @tests, {
name => "curve-${curve}",
server => {
- "Curves" => $curve
+ "Curves" => $curve,
+ # TODO(TLS1.3): Can we get this to work for TLSv1.3?
+ "MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "ECDHE",
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm
index c711362949..7146b8a54e 100644
--- a/test/ssl-tests/protocol_version.pm
+++ b/test/ssl-tests/protocol_version.pm
@@ -20,12 +20,12 @@ use OpenSSL::Test;
use OpenSSL::Test::Utils qw/anydisabled alldisabled/;
setup("no_test_here");
-my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
+my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
# undef stands for "no limit".
-my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
-my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", undef);
+my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
+my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef);
-my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2");
+my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
my $min_tls_enabled; my $max_tls_enabled;
@@ -74,7 +74,7 @@ foreach my $i (0..$#dtls_protocols) {
sub no_tests {
my ($dtls) = @_;
return $dtls ? alldisabled("dtls1", "dtls1_2") :
- alldisabled("ssl3", "tls1", "tls1_1", "tls1_2");
+ alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
}
sub generate_version_tests {
@@ -234,9 +234,15 @@ sub expected_result {
# Server doesn't support the client range.
return ("ServerFail", undef);
} elsif ($c_min > $s_max) {
- # Server will try with a version that is lower than the lowest
- # supported client version.
- return ("ClientFail", undef);
+ my @prots = @$protocols;
+ if ($prots[$c_min] eq "TLSv1.3") {
+ # Client won't have sent any ciphersuite the server recognises
+ return ("ServerFail", undef);
+ } else {
+ # Server will try with a version that is lower than the lowest
+ # supported client version.
+ return ("ClientFail", undef);
+ }
} else {
# Server and client ranges overlap.
my $max_common = $s_max < $c_max ? $s_max : $c_max;
diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
index 0a528d805b..e8f29433da 100644
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@@ -152,6 +152,7 @@ const char *ssl_alert_name(int alert)
/********************/
static const test_enum ssl_protocols[] = {
+ {"TLSv1.3", TLS1_3_VERSION},
{"TLSv1.2", TLS1_2_VERSION},
{"TLSv1.1", TLS1_1_VERSION},
{"TLSv1", TLS1_VERSION},
diff --git a/test/ssltest_old.c b/test/ssltest_old.c
index 6a5cd7038d..356359d4e3 100644
--- a/test/ssltest_old.c
+++ b/test/ssltest_old.c
@@ -886,6 +886,7 @@ static int protocol_from_string(const char *value)
{"tls1", TLS1_VERSION},
{"tls1.1", TLS1_1_VERSION},
{"tls1.2", TLS1_2_VERSION},
+ {"tls1.3", TLS1_3_VERSION},
{"dtls1", DTLS1_VERSION},
{"dtls1.2", DTLS1_2_VERSION}};
size_t i;
@@ -958,7 +959,7 @@ int main(int argc, char *argv[])
int badop = 0;
enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
int force = 0;
- int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
+ int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0, ret = 1;
int client_auth = 0;
int server_auth = 0, i;
struct app_verify_arg app_verify_arg =
@@ -1123,7 +1124,9 @@ int main(int argc, char *argv[])
min_version = TLS1_VERSION;
}
#endif
- else if (strcmp(*argv, "-tls1") == 0) {
+ else if (strcmp(*argv, "-tls1_2") == 0) {
+ tls1_2 = 1;
+ } else if (strcmp(*argv, "-tls1") == 0) {
tls1 = 1;
} else if (strcmp(*argv, "-ssl3") == 0) {
ssl3 = 1;
@@ -1329,8 +1332,8 @@ int main(int argc, char *argv[])
goto end;
}
- if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
- fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
+ if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
+ fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
"be requested.\n");
EXIT(1);
}
@@ -1345,6 +1348,11 @@ int main(int argc, char *argv[])
no_protocol = 1;
else
#endif
+#ifdef OPENSSL_NO_TLS1_2
+ if (tls1_2)
+ no_protocol = 1;
+ else
+#endif
#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
if (dtls1)
no_protocol = 1;
@@ -1369,10 +1377,11 @@ int main(int argc, char *argv[])
goto end;
}
- if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
+ if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
+ && !reuse && !force) {
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
- "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
+ "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
@@ -1435,6 +1444,9 @@ int main(int argc, char *argv[])
} else if (tls1) {
min_version = TLS1_VERSION;
max_version = TLS1_VERSION;
+ } else if (tls1_2) {
+ min_version = TLS1_2_VERSION;
+ max_version = TLS1_2_VERSION;
}
#endif
#ifndef OPENSSL_NO_DTLS
diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
index eeb83ed74f..c15019dace 100644
--- a/util/TLSProxy/Proxy.pm
+++ b/util/TLSProxy/Proxy.pm
@@ -147,8 +147,10 @@ sub start
or die "Failed to redirect stdout: $!";
open(STDERR, ">&STDOUT");
}
+ # TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher
+ # because the TLS1.3 ciphersuites are not compatible with ossltest
my $execcmd = $self->execute
- ." s_server -no_comp -rev -engine ossltest -accept "
+ ." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept "
.($self->server_port)
." -cert ".$self->cert." -naccept ".$self->serverconnects;
if ($self->ciphers ne "") {