From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on071f.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe40::71f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 939D11A1DF7 for ; Tue, 20 Sep 2016 08:59:42 -0700 (PDT) Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) by CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.8; Tue, 20 Sep 2016 15:59:41 +0000 Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) by CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) with mapi id 15.01.0629.006; Tue, 20 Sep 2016 15:59:41 +0000 From: "Palmer, Thomas" To: Santhapur Naveen , "edk2-devel@lists.01.org" Thread-Topic: Issues with HTTPS Boot Thread-Index: AdITMrB9dQ9WWubnSXaJO1RcrMRFRgAJIYwA Date: Tue, 20 Sep 2016 15:59:40 +0000 Message-ID: References: <625A2455CC232F40B0F38F05ACED6D978C2C2225@VENUS1.in.megatrends.com> In-Reply-To: <625A2455CC232F40B0F38F05ACED6D978C2C2225@VENUS1.in.megatrends.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=thomas.palmer@hpe.com; x-originating-ip: [15.203.227.4] x-ms-office365-filtering-correlation-id: 33238414-9863-499a-b4ad-08d3e16f21a5 x-microsoft-exchange-diagnostics: 1; CS1PR84MB0151; 6:1gpC0Lq9bk6e/Rv9cAE2F4Rle3d4y5+U0c3m4Ds1EnVT25C8aHtU7ECKO8/A45HASQwc5fSPLRh4S3+bRKM2IA9UNlVXq6ZJOlHgBGTmrCzsBeGRwqAT5F5TMElrICn0/op6gCPyfsIzjCqYcMBtdpTYCMasRErfu+mIAKFheE6fY3RxZwyS0upn9hUZcGn7a3l2FeUyGlHDmOQc4zmDM5YciSlCi2iJRCwB79V6C8urTLTpnmvLqKJhaVTulGlLWLM5fS8PnSpJAXQqqdNzhkQWzvZbZ33pv8pwz/T/DjDYhcOzA896iXoMrR+uplvUjBDzlfgqaBjfSCxoGUMWiA==; 5:rmljH0ri3+5aI7Vzg86qeY6KNkmHoPRpd6Q9WKpIRfYM+tuVuz6oSY2BpMdQmCqOuaVCZ6a85BF6lhvmkMjN7CV9HGqbBLNn+umYzkH6c4I43Wjglz6X8bx+EyLVDd2H93bt9+MKRlXNE6r5wUNRnw==; 24:D8vKIUZuyFwYhIb229fqFjgx+9aoFPNgCoBBm6bOE23riCdvGc/NDdz28mncKspThp4b9K++hpfOPW5B3RQsD6OOM+wZ2AYu9pjQl+Zo5fo=; 7:v1/srWOKja+g8ri8IcBgHkaCuDbNKZ+SUGSLauUP3BnZEOsE2y5sKDFU9rCTZ6ccJozd2/OffSMVI6eTKC62Fdvz9BC4ofkcEKSlvpqOI+rzevwiV9H00uwuDvyYinmmFPemT/vpqXzmWEewuORLbSLmQSD00SNg3D7wHiBzoPASGcdrBP8G7Sqx5VbWUcER6C7h/EY2PGBcBiMYmovyNjaaRvoqPcWFkkvGbAAqxvsPkvrHcgu+3HP9DenKHOn4wTRRNw+/9W/qhzqaJ9r/ZBfvQhMTjM41sXYJqMGN2cY2DX9iZBXLK9PYY9PCrzh2 x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CS1PR84MB0151; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(158342451672863)(166708455590820)(162533806227266); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026); SRVR:CS1PR84MB0151; BCL:0; PCL:0; RULEID:; SRVR:CS1PR84MB0151; x-forefront-prvs: 0071BFA85B x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(377454003)(199003)(53474002)(53754006)(13464003)(189002)(102836003)(6116002)(3846002)(5002640100001)(586003)(54356999)(76176999)(50986999)(7696004)(9686002)(2906002)(101416001)(3480700004)(5660300001)(86362001)(105586002)(10400500002)(99286002)(3280700002)(106356001)(68736007)(3660700001)(77096005)(8936002)(66066001)(11100500001)(7736002)(5001770100001)(97736004)(81156014)(122556002)(81166006)(92566002)(87936001)(8676002)(189998001)(74316002)(107886002)(15975445007)(5890100001)(19580405001)(19580395003)(2950100001)(2900100001)(33656002)(305945005)(2501003)(7846002); DIR:OUT; SFP:1102; SCL:1; SRVR:CS1PR84MB0151; H:CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: hpe.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: hpe.com X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Sep 2016 15:59:40.9987 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR84MB0151 Subject: Re: Issues with HTTPS Boot X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Sep 2016 15:59:42 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Naveen, I cannot see attachments on this email.=20 =09 What TLS versions and ciphers does your web server support? Depending on w= hen you built the UEFI image, your server may need to have TLS v1.0 enabled= and support one of the non-SHA256 ciphers listed at the top of TlsLib.c. = =20 =09 Regards, Thomas Palmer "I have only made this letter longer because I have not had the time to mak= e it shorter" - Blaise Pascal -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Sant= hapur Naveen Sent: Tuesday, September 20, 2016 6:42 AM To: edk2-devel@lists.01.org Subject: [edk2] Issues with HTTPS Boot Hello All, Since the HTTPS Boot came into picture, I was very enthusiastic t= o try it. I configured the server as-is explained in the white paper https:= //github.com/tianocore/tianocore.github.io/wiki/EDK%20II%20White%20papers But when I try to go for an HTTPS boot, it stops after the TCP ha= ndshake. Attached is the Wireshark log. Please help me out and also let me = know if any other details are needed. Thank you, Naveen _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel