TLS error 'Failed in proxy receive'

Sharma, Nitin shaniti at amazon.com
Fri Sep 27 09:33:55 CEST 2019


Hello Arran, 

Thanks for the response. We are seeing these error only when we are adding below virtual server detail.

```
listen {
	  ipaddr = *
	  port = 2083
                type = auth+acct
   	 proto = tcp
   	 virtual_server = default
  	 clients = radsec
   limit {
           max_connections = 0
           lifetime = 0
           idle_timeout = 300
   }
   tls {
         private_key_file = ${certdir}/server.pem
         certificate_file = ${certdir}/server.crt
         ca_file = ${cadir}/CA_list.pem
         dh_file = ${certdir}/dh
         fragment_size = 8192
         ca_path = ${cadir}
         cipher_list = "DEFAULT"
     cache {
             enable = no
             lifetime = 24
            max_entries = 255
     }
     require_client_cert = yes

     verify {
     }
   }
}
clients radsec {
   client ALL {
                 ipaddr = 0.0.0.0
                 proto = tls
                 secret = <MASKED>
   }
}
```

Not sure what wrong with this config.

Thanks & Regards,
Nitin Sharma 

´╗┐On 26/09/19, 8:39 PM, "Arran Cudbard-Bell" <a.cudbardb at freeradius.org> wrote:

    
    
    > On Sep 26, 2019, at 2:19 AM, Sharma, Nitin via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
    > 
    > Hello Alan,
    > 
    > Thanks for the response.
    > I am running latest version of OpenSSL and radius version is 3.0.19.
    > 
    > openssl-1.0.2k-16.amzn2.1.1.x86_64
    
    The latest version of OpenSSL 1.1.1d.  The latest version of OpenSSL in the 1.0.2 series is now OpenSSL 1.0.2t.
    
    -Arran
    
    




More information about the Freeradius-Users mailing list