vagrant icon indicating copy to clipboard operation
vagrant copied to clipboard
verified publisher icon hashicorp

curl/schannel error "SEC_E_ALGORITHM_MISMATCH " getting box from private registry

Open jjolidon opened this issue 1 year ago • 1 comments

Hello,

This error occurs with our private vagrant registry, which currently uses TLS 1.3. This could be related to this curl PR in which case the issue would be that curl is outdated.

Sincerely, J.

Debug output

Log

Expected behavior

The box is downloaded

Actual behavior

schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorithm.

Reproduction information

Vagrant add for a server running TLS1.3. The registry is protected by a pfx certificate, but I don't think that's relevant. Firefox can connect, the cipher suite is described as TLS_AES_256_GCM_SHA384, 256 bits keys, TLS 1.3, which seems to correspond to current best practices.

Vagrant version

Vagrant 2.4.1

Host operating system

Windows 10 22H2 19045.4046

Guest operating system

Windows 10 (not relevant)

Steps to reproduce

  1. Use vagrant add to connect to a private repository with https over TLS 1.3

Vagrantfile

N/A

jjolidon avatar Mar 15 '24 11:03 jjolidon

Windows 10 doesn't support proper TLS 1.3. The PR you linked to says as much. Use Windows 11.

wyattoday avatar Apr 17 '24 11:04 wyattoday

Closing as this is a Windows version issue.

chrisroberts avatar Jul 10 '24 01:07 chrisroberts