Are SHA-256 certificates supported?

Jan Schroetter konfera at splachovac.cz
Thu Feb 14 14:17:57 CET 2008


Hello!
I reply to old message from Thu Oct 25 13:37:14 CEST 2007. I'm trying 
to use freeRADIUS for EAP-TLS authentication using certificate with 
SHA-256 digest. I found this topic in archive and the last message 
(below) says support for SHA-256 is already in CVS. But it's probably 
not in 2.0.1. Can I ask why?
I tried adding
EVP_add_digest(EVP_sha256());
to eaptls_initiate(...) and it helps. But official support for SHA-256 
would be fine..

Many thanks!

Best regards
Jan Schroetter

---Original message---

Hi,

 >> I can live with this hack in my test server, but would appreciate 
it if
 >> FreeRADIUS added official support for SHA-256 digests.
 >
 >   I've added the appropriate OpenSSL initialization call to the source.
 >
 >   Alan DeKok.

thank you. The CVS version seems to work with my certificates, and also
when using SHA-256 certificate on the server side.

regards,
  - hannu



More information about the Freeradius-Users mailing list