A-GNSS MSB with TLS on EG25-G

I’m struggling with TLS on supl.google.com.

$ mmcli -m any --command='AT+QGPSCFG="plane"'
response: '+QGPSCFG: "plane",1'
$ mmcli -m any --command='AT+QGPSSUPLURL?'
response: '+QGPSSUPLURL: "supl.google.com:7275"'
$ mmcli -m any --command='AT+QGPS=2'
response: ''
$ mmcli -m any --command='AT+QGPSGNMEA="GSV"'
response: ''
$ mmcli -m any --command='AT+QGPSGNMEA="GSV"'
response: ''
$ mmcli -m any --command='AT+QGPSGNMEA="GSV"'
response: ''

I’ve tried to upload https://secure.globalsign.net/cacert/Root-R1.crt to the modem and import it using following command. Is it the right certificate to upload?

$ mmcli -m any --command='AT+QGPSSUPLCA="RAM:Root-R1.crt"'
response: ''

Unfortunately nothing has changed. I still don’t see any GSV messages in the output.

if SUPL is configured without TLS (supl.google.com:7276 and plane,0), then everything works and I get

$ mmcli -m any --command='AT+QGPSGNMEA="GSV"'
response: '+QGPSGNMEA: $GPGSV,4,1,13,05,01,037,,07,12,322,,08,22,296,,10,28,187,,1*64
+QGPSGNMEA: $GPGSV,4,2,13,13,19,039,,15,27,073,,16,41,229,,18,51,084,,1*6F
+QGPSGNMEA: $GPGSV,4,3,13,23,57,146,,26,17,205,,27,54,281,,29,,,,1*50
+QGPSGNMEA: $GPGSV,4,4,13,30,09,352,,1*58'

What do I need to get SUPL working with supl.google.com:7275?

I setup supl proxy to check, whether modem connects to the server.
I see modem tries to establish TLSv1.1 (it’s an old and deprecated protocol, that modern servers don’t support anymore) and modem closes connection after receiving ‘Certificate’ by sending ‘Close Notify’ alert.

  1. Is only TLSv1.1 supported?
  2. Why modem closes connection?