ERROR during connecting via PSK #814
Comments
|
By default CBC is not activated because this cipher is not really consider as safe enough now. I will look at your capture deeply on Monday. |
|
Thanks a lot ... I'll really appreciate your help 😄 |
|
I looked at your capture and I confirm that your device only propose "deprecated" cipher suite based on "unsecured" CBC. So the solution is to allow more secure cipher at device side (based on GCM,CCM or CCM8) like : Or enable old cipher in leshan, currently there is no other way than modifying the code. If you prefer modify directly the code, this should looks like this: LeshanServerBuilder serverBuilder = new LeshanServerBuilder();
Builder dtlsConfig = new DtlsConnectorConfig.Builder();
dtlsConfig.setRecommendedCipherSuitesOnly(false);
builder.setDtlsConfig(dtlsConfig);
LeshanServer server = serverBuilder.build(); |
|
I created a new PR with a new "oc" option to enable "old" cipher suites : #815. If you can tell me if it works for you 🙏 |
|
Thanks a lot for the help it's working perfectly now 😄 |
|
So we can close this issue ? :) |
|
Yes sure, thanks again :) |
Greetings,
I'm using Quectel BC66-NA, and I'm trying to connect to the LWM2M server via PSK. The connection is being dropped during the DTLS handshaking with error code 40.
I've checked the available ciphers in both the server and the module as referenced in #650 and I've found that the cipher TLS_PSK_WITH_AES_128_CBC_SHA256 is common cipher between the module and the server !
This was my wireshark log :
wireshark.zip
Thanks in advance
The text was updated successfully, but these errors were encountered: