Hi, I pulled your branch and gave it a quick test on current Windows 10. I saw the same behavior you did.
On Apr 29 2021, at 3:45 am, Gilles Vollant via curl-library <curl-library@cool.haxx.se> wrote: > I got error: > > schannel: AcquireCredentialsHandle failed: SEC_E_ALGORITHM_MISMATCH > (0x80090331) - The client and server cannot communicate, because they > do not possess a common algorithm. > That was happening because TLSv1.3 is disabled by default on my system. Adding the following to the registry caused it to be enabled: ``` Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001 ``` Once I did that, I ran into a new error: "schannel: can't renegotiate, encrypted data available." By commenting out this check: https://github.com/gvollant/curl/blob/2aff6e13896de391f2487e87f2632d44edb97898/lib/vtls/schannel.c#L1959 I was able to proceed and negotiate a TLS 1.3 connection with the akamai server. I don't know enough about the schannel backend to propose a correct fix, though, and that is almost certainly not it. I hope it helps someone who does know enough see where to look next. Best, Geoff ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
