diff --git a/internal/handshake/crypto_setup_server.go b/internal/handshake/crypto_setup_server.go
index 50e26183..ddaf75e9 100644
--- a/internal/handshake/crypto_setup_server.go
+++ b/internal/handshake/crypto_setup_server.go
@@ -431,7 +431,7 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 	replyMap := h.params.getHelloMap()
 	// add crypto parameters
 	verTag := &bytes.Buffer{}
-	for _, v := range h.supportedVersions {
+	for _, v := range protocol.GetGreasedVersions(h.supportedVersions) {
 		utils.BigEndian.WriteUint32(verTag, uint32(v))
 	}
 	replyMap[TagPUBS] = ephermalKex.PublicKey()
diff --git a/internal/handshake/crypto_setup_server_test.go b/internal/handshake/crypto_setup_server_test.go
index df57b871..77ec1cef 100644
--- a/internal/handshake/crypto_setup_server_test.go
+++ b/internal/handshake/crypto_setup_server_test.go
@@ -313,12 +313,17 @@ var _ = Describe("Server Crypto Setup", func() {
 			})
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response).To(HavePrefix("SHLO"))
-			Expect(response).To(ContainSubstring("ephermal pub"))
-			Expect(response).To(ContainSubstring("SNO\x00"))
+			message, err := ParseHandshakeMessage(bytes.NewReader(response))
+			Expect(err).ToNot(HaveOccurred())
+			Expect(message.Data).To(HaveKeyWithValue(TagPUBS, []byte("ephermal pub")))
+			Expect(message.Data).To(HaveKey(TagSNO))
+			Expect(message.Data).To(HaveKey(TagVER))
+			// the supported versions should include one reserved version number
+			Expect(message.Data[TagVER]).To(HaveLen(4*len(supportedVersions) + 4))
 			for _, v := range supportedVersions {
 				b := &bytes.Buffer{}
 				utils.BigEndian.WriteUint32(b, uint32(v))
-				Expect(response).To(ContainSubstring(string(b.Bytes())))
+				Expect(message.Data[TagVER]).To(ContainSubstring(string(b.Bytes())))
 			}
 			Expect(checkedSecure).To(BeTrue())
 			Expect(checkedForwardSecure).To(BeTrue())