How can I use TLS 1.3 with Invoke-RestMethod?

When I call

 Invoke-RestMethod -Method POST -Uri $url -Body $Body -Headers $Header …

I get:

 Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion'.

Server is Tomcat 9 with just TLS 1.3 enabled while Powershell uses TLS 1.2 - I've checked with Wireshark:

 TLSv1.2 Record Layer: Handshake Protocol: Client Hello
     Content Type: Handshake (22)
     Version: TLS 1.2 (0x0303)
     Length: 167
     Handshake Protocol: Client Hello

I then set

 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls13

But I get the same error: Powershell still sends a TLS 1.2 Client Hello

How can I use TLS 1.3 from my Powershell scripts?

· 5

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

$$ANON_USER$$ · Feb 07, 2021 at 11:24 AM

The handshake works correctly if I configure Tomcat to use TLS 1.2
I am using latest Powershell 7.1.1 with supports TLS 1.3

0 ·

$$ANON_USER$$ · Feb 08, 2021 at 08:06 AM

It seems that Windows 10 does not yet support TLS 1.3 in its stack as of today

0 ·

IanXue-MSFT · Feb 08, 2021 at 08:28 AM

What is the value returned by [Net.ServicePointManager]::SecurityProtocol ?

0 ·

$$ANON_USER$$ IanXue-MSFT · Feb 15, 2021 at 09:12 AM

It returns Tls13 but according to this post my version of Windows (Version 2004, Build 19041) does not yet support it as build 20170 is required

0 ·

IanXue-MSFT $$ANON_USER$$ · Feb 17, 2021 at 05:50 AM

Sorry I'm not sure if TLS 1.3 is supported in Build 19041. You can start a new thread on this with the "windows-10-general" tag.

0 ·

question