[BUG] Cannot connect to APM server which supports only TLSv1.3 #2031

Open
@VMelnalksnis

APM Agent version

1.20.0

Environment

Operating system and version:
Ubuntu 20.04.5 LTS

.NET Framework/Core name and version (e.g. .NET 4.6.1, NET Core 3.1.100):
.NET SDK 7.0.102

Application Target Framework(s) (e.g. net461, netcoreapp3.1):
net7.0

Describe the bug

After upgrading to 1.20.0 nothing is sent to APM server, because it fails the TLS handshake:

{"log.level":"error","@timestamp":"2023-03-05T11:03:29.598+0200","log.logger":"beater.http","log.origin":{"file.name":"http/server.go","file.line":3195},"message":"http: TLS handshake error from 10.10.12.162:33834: tls: client offered only unsupported versions: [303 302 301]","service.name":"apm-server","ecs.version":"1.6.0"}

To Reproduce

Steps to reproduce the behavior:

  1. APM server configuration:

        ssl:
            enabled: true
            certificate: '/path/to/certificate.crt'
            key: '/path/to/key.key'
            key_passphrase: '${KEY_PASSPHRASE}'
            supported_protocols: [TLSv1.3]

  2. appsettings.json

        "ElasticApm": {
            "Enabled": true,
            "CentralConfig": false,
            "ServiceName": "Foo",
            "ServerUrl": "https://apm.some.fully.qualified.name.com:8200"
        }

  3. Startup.cs

        application.UseElasticApm(
            _configuration,
            new AspNetCoreDiagnosticSubscriber(),
            new HttpDiagnosticsSubscriber(),
            new EfCoreDiagnosticsSubscriber(),
            new ElasticsearchDiagnosticsSubscriber());

After switching supported_protocols: [TLSv1.3] to supported_protocols: [TLSv1.3,TLSv1.2] the connection is established successfully and the APM agent works as expected. I'm guessing this is related to #1926.

Expected behavior

TLSv1.3 works the same as it did in 1.19.0

Actual behavior

TLSv1.3 does not work
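
An added example, not part of the original issue or of the agent or server code: a small parser that decodes the version list in the apm-server handshake error quoted above into protocol names, so the log itself shows whether a client offered TLSv1.3. It assumes the bracketed values are hexadecimal TLS version code points; `decode_handshake_error` and the other names are hypothetical.

```python
import json
import re

# TLS protocol version code points (hex), as sent in the ClientHello.
TLS_VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1",
                0x0303: "TLSv1.2", 0x0304: "TLSv1.3"}

# Assumption: the bracketed list is space-separated hex, e.g. [303 302 301].
HANDSHAKE_RE = re.compile(
    r"TLS handshake error from (?P<peer>\S+): tls: client offered only "
    r"unsupported versions: \[(?P<versions>[0-9a-fA-F ]*)\]")

# The log line from the issue, trimmed to the fields this parser reads.
ISSUE_LOG_LINE = (
    '{"log.level":"error","@timestamp":"2023-03-05T11:03:29.598+0200",'
    '"message":"http: TLS handshake error from 10.10.12.162:33834: tls: '
    'client offered only unsupported versions: [303 302 301]"}')


def decode_handshake_error(log_line):
    """Return client address and offered TLS versions, or None for other lines."""
    try:
        record = json.loads(log_line)
    except json.JSONDecodeError:
        return None
    if not isinstance(record, dict):
        return None
    match = HANDSHAKE_RE.search(str(record.get("message", "")))
    if match is None:
        return None
    codes = [int(token, 16) for token in match.group("versions").split()]
    host, _, port = match.group("peer").rpartition(":")
    return {
        "timestamp": record.get("@timestamp"),
        "client": host,
        "port": port,
        "offered": [TLS_VERSIONS.get(c, f"unknown(0x{c:04x})") for c in codes],
        "offers_tls13": 0x0304 in codes,
    }


if __name__ == "__main__":
    print(decode_handshake_error(ISSUE_LOG_LINE))
```

For the line in this issue the decoded list is TLSv1.2, TLSv1.1 and TLSv1.0, with no TLSv1.3 entry, which matches the server rejecting the handshake when only TLSv1.3 is enabled.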
