Hello CS, It is helpful to know which version of Kea you are using. Based upon your earlier thread, assuming you are running Kea 2.2.0?
As noted in the Kea documentation, TLS support is provided by the underlying crypto library used to build your package of Kea. See https://kea.readthedocs.io/en/kea-2.4.1/arm/security.html. TLS 1.3 is supported when built with appropriate version of crypto library. Assuming Kea DHCP server and kea-shell are able to communicate with your CA over TLS and issue is limited to the micetro client. While micetro capabilities is not a topic for this mailing list, you may want to verify that micetro supports TLS connections to the Kea CA (or run a packet capture to see if using HTTPS and TLS version supported by client). I believe the same/similar error occurs if the client attempts to connect via non-TLS/plain HTTP to a CA configured to use TLS. > On Dec 28, 2023, at 5:07 PM, CS <cs.temp.m...@gmail.com> wrote: > > Hey, > Trying to associate my kea instance with micetro but when addinging it logs > the following error: > HTTP_CONNECTION_HANDSHAKE_FAILED TLS handshake with x.x.x.x failed with wrong > version number > While this may be a problem to be solved on the micetro side, not here with > ya'll, kea is the one with the best error (Micetro just says: "Unable to > connect") and only asks for a hostname or ip address (refusing any > elaborations like https) > > This sounds like a TLS 1.0-1.3 issue to me. Any idea what kea CA is looking > for? > > CS, cs.temp.m...@gmail.com > -- > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > Kea-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/kea-users
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
