I am trying to make SSL connection with EG21 module and our server over TLS 1.2.
I wanted to use some selective cipher suites for connection:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02f)
I have set them on EG21 module code through AT commands and trying to make the connection. On server we are getting below three cipher suites.
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02f)
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
If I send either TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030) or TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02f) I am seeing corresponding cipher suite along with TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) on server. When sending https request this cipher suite is being sent always with the other cipher suites set by AT command(AT+QSSLCFG=“ciphers”) we don’t want to send this cipher suite along with our https requests as it adds vulnerability. I want to know how to get rid of this cipher suite?