TLS Server Name Indication

Problem this snippet solves: Extensions to TLS encryption protocols after TLS v1.0 have added support for passing the desired servername as part of the initial encryption negotiation. This function...
Updated Aug 28, 2025
Version 2.0
application delivery
devops
iRules
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Feb 08, 2018

@Chad : In TLS 1.3 Draft you can read this:

 

legacy_record_version This value MUST be set to 0x0303 for all records generated by a TLS 1.3 implementation other than the ClientHello, where it MAY also be 0x0301 for compatibility purposes. This field is deprecated and MUST be ignored for all purposes. Previous versions of TLS would use other values in this field under some circumstances.

 

And I saw that TLS 1.2 still send TLS 1.0 version in protocol version value of CLIENT_HELLO packet but send version 1.2 in handshake protocol version.