Graphics
Intel® graphics drivers and software, compatibility, troubleshooting, performance, and optimization
22655 Discussions

Intel DSA "21.4.29.8" no longer compatible with Windows 8.1 or 7, but not disclosed

win8tlsciphmismatch
Débutant
‎08-03-2021 03:27 PM
2 148 Visites

Since version 21.4.29.8 Intel DSA uses a new URL to check for updates: " https://dsadata.intel.com/data/en ", but the following results on  Windows 8.1:

Exception while starting session: Intel.DSA.CommonCore.Models.NoInternetExceptionhttps://dsadata.intel.com/data/en ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
 
TLS connection being aborted by Intel server:
win8tlsciphmismatch_0-1628030160228.png
Ciphers being supported by Windows 8.1 Schannel:
win8tlsciphmismatch_1-1628030218178.png

 

 
The reason for this is:
  1. the Microsoft Schannel library is being used by Intel DSA software to connect
  2. https://dsadata.intel.com/data/en does not have any overlapping SSL ciphers with Windows 8.1 Schannel.
    Intel's server only wants to use TLS_ECDHE_RSA_AES_GCM_[128/256]_SHA[256/384], neither of which are supported by Microsoft Schannel.
    See TLS Cipher Suites in Windows 8.1 - Win32 apps | Microsoft Docs . Only Windows 10 supports those ciphers.
 
Consequence: Intel DSA is unusable on Windows 7 and 8.1. It is impossible to get it working, even though Intel claims Windows 8.1 is supported.
 
Solution: at least one of the ciphers supported by Windows Schannel on Windows 8.1 (see Microsoft's documentation TLS Cipher Suites in Windows 8.1 - Win32 apps | Microsoft Docs ) should be enabled on the Intel server at " https://dsadata.intel.com/data/en ":
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521
0 Compliments

Lien copié

3 Réponses
Monique_Intel
Modérateur
‎08-06-2021 12:46 PM
2 108 Visites

@win8tlsciphmismatch  Thank you for bringing this to our attention.  I am the Intel Project Manager for the Intel DSA application so I've provided this information to our developers to investigate.

Thank you,

Monique with Intel Corporation

0 Compliments
Copier le lien
Monique_Intel
Modérateur
‎08-10-2021 10:05 AM
2 077 Visites

@win8tlsciphmismatch   This issue has been resolved.  Please confirm if you are able to successfully scan with IDSA on your Win 7 or Win 8.1 system.

Thanks for your patience,

Monique with Intel Corporation

Copier le lien
MrGreg
Débutant
‎08-10-2021 04:54 PM
2 062 Visites
En réponse à Monique_Intel

Thanks for fixing that little glitch.  Eventually I'll try to roll this Compal NBLB3 over to Win10....  Hope that's before MS drops support for it.

En réponse à Monique_Intel
0 Compliments
Copier le lien
Répondre

L'assistance à la communauté est fournie du lundi au vendredi. D'autres moyens d'entrer en contact sont disponibles ici.

Intel ne vérifie pas l'intégralité des solutions, y compris, entre autres, les transferts de fichiers qui peuvent avoir lieu au sein de cette communauté. Intel décline donc toutes garanties explicites et implicites, y compris, sans s'y limiter, les garanties implicites de qualité marchande, d'adéquation à un usage particulier et de respect des droits de propriété intellectuelle, ainsi que toute garantie découlant des performances, des transactions ou de l'utilisation.

Pour obtenir des informations plus complètes sur l'optimisation des compilateurs, voir notre Avis d'optimisation.