TWSD-704 Requirement to add TLS1.3 supported all ciphers under SSL virtual host

Review Request #877 — Created May 20, 2025 and submitted June 2, 2025, 2:32 p.m. — Latest diff uploaded May 20, 2025, 5:34 p.m.

Information
Owner:	peteryeh
Repository:	APV10
Branch:	rel_apv_10_7
Bugs:	TWSD-704
Depends On:
Reviewers
Groups:
People:	kevin.poh, tanya, timlai, timsu, weikai

Description

Add TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256 cipher for virtual host.

Testing Done

Test using browser and OpenSSL s_client:
openssl s_client -connect 192.168.10.91:10443 -tls1_3 -ciphersuites TLS_CHACHA20_POLY1305_SHA256
openssl s_client -connect 192.168.10.91:10443 -tls1_3 -ciphersuites TLS_AES_128_CCM_SHA256
openssl s_client -connect 192.168.10.91:10443 -tls1_3 -ciphersuites TLS_AES_128_CCM_8_SHA256

TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256 not supported for regular browser. Can only verify with openssl s_client.

Review Note: Some of the file cannot display on Reviewboard page for some reason.
Please download diff to review, thanks!

You have a pending review.

Review Board 5.0.5

TWSD-704 Requirement to add TLS1.3 supported all ciphers under SSL virtual host