Signature Hash Algorithm Hash configuration
Alan DeKok
aland at deployingradius.com
Mon Dec 4 15:12:36 CET 2017
On Dec 4, 2017, at 8:49 AM, Sumant Gupta <sumantgupta at gmail.com> wrote:
>
> I am setting the value as ECDHE-ECDSA-AES128-CCM8
> Where to mention it as SHA256 and not SHA1.
See the OpenSSL documentation.
The "cipher_list" configuration item is passed directly to OpenSSL.
> Since in server hello it is sending as SHA1.
> Following is the cipher suite id intended to be used.
You've already said that...
FreeRADIUS doesn't implement SSL / TLS. It uses OpenSSL. So if there's an issue with SSL negotiation, you have to fix OpenSSL.
All of the relevant configuration for OpenSSL *is* exposed and documented in the "eap" module configuration.
Alan DeKok.
More information about the Freeradius-Users
mailing list