I am trying to validate two ciphersuite on an old device.
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Traefik handles the second one perfectly and answers the request but it does not for the first one.
This cipher suite is the isssue then : TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Wireshark :
The very simple configuration :
[api]
debug = true
insecure = true
[log]
level = "DEBUG"
[accessLog]
filePath="access.log"
format="json"
[providers]
[providers.file]
directory = "."
[entryPoints]
[entryPoints.web]
address = ":8090"
[entryPoints.websecure]
address = ":8091"
[http]
[http.routers]
[http.routers.router0]
entryPoints = ["websecure"]
rule = "PathPrefix(`/`)"
service = "my-service"
[http.routers.router0.tls]
options = "myTLSOptions"
[http.services]
[http.services.my-service]
[http.services.my-service.loadBalancer]
[[http.services.my-service.loadBalancer.servers]]
url = "http://192.168.1.17:8088"
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "ca.crt"
keyFile = "ca.key"
[[tls.certificates]]
certFile = "ca.crt"
keyFile = "ca.key"
[tls.options]
[tls.options.myTLSOptions]
minVersion = "VersionTLS12"
cipherSuites = [
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
#"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
]
The certificate is a self signed certificate with the key type prime256v1.
There is no error in the log or in the access log.
Is there anything I am doing wrong ?