Troubleshooting "TLS failed during operation" with EAP-TLS

Alan DeKok aland at
Fri Jun 5 18:22:52 CEST 2020

On Jun 5, 2020, at 11:54 AM, Michael Parks <mparks at> wrote:
> I think I might need to try with different certs. I've read rumblings that MikroTik's built-in PKI can cause strange problems in other instances, and it may be the same thing here. (Supposedly it's perfectly standard X509, but..)
> Anything a mere mortal with little C experience can do to get better info as to the failure cause?

  Edit src/main/tls.c, look for the function tls_handshake_recv()

  Instrument it by just adding this in a bunch of places in the function:

	RDEBUG("HERE %d", __LINE__);

  Make sure to also add it before each "return 0"

  	... {
		RDEBUG("HERE %d", __LINE__);
		return 0;


  And then post the one packet here which says "TLS failed during operation"

  Alan DeKok.

More information about the Freeradius-Users mailing list