Reject for unknown TLS version
Alan DeKok
aland at deployingradius.com
Tue Aug 14 16:38:47 CEST 2018
On Aug 14, 2018, at 10:34 AM, Norman Elton <normelton at gmail.com> wrote:
>
> Deploying EAP-TLS, I've got the CA and certificate configured on the
> server, and the client-side certificate on the client. But I'm getting
> a "Unknown TLS version [length 0002]" message. Debug output below.
You're running v2. I would suggest upgrading.
> Is the "[length 0002]" referring to only have two bytes to parse? Is
> some of the transaction getting lost someplace?
I'm not sure. It's a TLS issue.
> To be fair, we have FreeRADIUS deployed on RHEL6, using the
> RedHat-supplied packages. So far, we've been happy with the stability
> this provides, but realize that FreeRADIUS 2.2.6 is way outdated.
Yup. You should upgrade to 2.2.10 at least. It also has fixes for TLS 1.2. :)
Alan DeKok.
More information about the Freeradius-Users
mailing list