Error message “tlsv1 alert protocol version”

Symptom

An error message with text:

SSL_connect:SSL_ERROR_SSL_336032814:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

This indicates an error in setting up a connection whereby there is a mismatch in the transport layer security protocol.

Explanation

The transport layer security (TLS) is designed to provide communication securtiy. When a server secures its connection using TLS 1.3, the client needs to be able to handle TLS 1.3.

Various versions of TLS, including the advantages of version 1.3, are further detailed in:

1. By SSL in their blog

2. And more extensively in this blog

Solution

The component in AIMMS Developer and in AIMMS PRO that handles the transport layer security is upgraded by incorporating TLS 1.3. To make use of this upgrade, you will need to take the following actions:

1. Switch to AIMMS Developer 4.76.4 or later, see this AIMMS Developer release note

2. When you publish your applictions on AIMMS PRO, you will need AIMMS PRO version 2.36.2 or later, see this AIMMS PRO release note

Please note

1. Up till AIMMS Developer 4.76.3 and AIMMS PRO 2.36.1, TLS 1.2 was supported. At the time of writing this article, TLS 1.2 is still

   1. the most widely used transport layer security protocol

   2. considered to be reasonably okay

   There is a clear trend of increasing adoption of TLS 1.3.

2. Servers securing their connection using TLS 1.2 are still supported by AIMMS PRO 2.36.2 and AIMMS Developer 4.76.4. In short, when a client supports TLS 1.3, it also support TLS 1.2.

3. WinUI applications published on AIMMS PRO may also be affected by organizations enforcing TLS 1.2 or TLS 1.3, see Evolution of AIMMS using Transport Layer Security