Here is another tag-along question ...

I have the suite narrowed down to:

DHE-RSA-AES128-SHA256
DHE-RSA-AES256-SHA256

I am using method wolfTLSv1_2_client_method();

Both of those cipher suites are supported on the server using TLS 1.2 but NOT Lower.

When I attempt to connect, the server returns an ALERT on the first handshake and the connection is aborted.

I may be analyzing this all wrong, but I'm thinking WolfSSL sees these OLD ciphers and attempts the connect at a TLS version less than 1.2 which would then fail at the server.

Is there a way to see what version of TLS the initial handshake is?

Thanks.

p.s. -- if I enable ECC -- server connects no problem.

I do a wolfSSL_get_ciphers() to get a list of the cipher suite currently being supported given my user_settings.h.

I'm trying to see the difference in stack and heap usage based on the cipher suite used.

I am printing out your debug message and watching the process flow.

I have tried forcing a cipher by using wolfSSL_CTX_set_cipher_list() but I see no change in performance or memory usage so I have no idea if that function call is even changing anything.

How can I identify which suite from the list is being used in the connect?

Thanks.

Joe