Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
New-SelfSignedCertificate command appears to produce SSLv3 certificates instead of TLS 1.x
See original GitHub issueSteps to reproduce
New-SelfSignedCertificate -Subject blah
Expected behavior
PowerShell generates a TLS 1.3 certificate.
Actual behavior
PowerShell appears to generate an SSL v3 certificate.
Environment data
Name Value
---- -----
PSVersion 7.0.3
PSEdition Core
GitCommitId 7.0.3
OS Microsoft Windows 10.0.19041
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Issue Analytics
- State:
- Created 3 years ago
- Comments:8
Top Results From Across the Web
How to Turn Off SSL 3.0 and TLS 1.0 in Your Internet Browser
Right-click on your desktop and select “New”, then “Shortcut”. · In the “Create Shortcut” panel, browse to the location of your Chrome installation...
Read more >Rehash: How to Fix the SSL/TLS Handshake Failed Error
The TLS Handshake Failed error can originate from the client or the server, here's a guide for fixing the problem for both users...
Read more >Manage SSL/TLS protocols and cipher suites for AD FS
Learn how to disable and enable certain TLS/SSL protocols and cipher suites that Active Directory Federation Services (AD FS) uses.
Read more >Need to access old forgotten router that only supports SSLv3
Create a copy of it Right click on the new shortcut, ... Mac OS X ... RSA-2048 certificate and contemporary TLS for access...
Read more >Could not create SSL/TLS secure channel, despite setting ...
I'm trying to establish SSL/TLS connection to test server with self-signed certificate. Communication through unsecure channel worked without ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Everyone is ignorant about X509 and certificates, they are too complex for their own good 😃
A certificate doesn’t state the protocol it is for, that’s up to the service/client to manage when creating the TLS pipeline. The Certificate just contains encryption and hashing information to facilitate the functions of TLS. The version is just the version of the X509 structure, V3 doesn’t mean SSL v3. The version tells the reader of the cert what fields can be contained and how it is structured.
Details of X509 version 3 can be found in RFC 5280. It is the latest version available so
New-SelfSignedCertificateisn’t producing anything old.