TLS 1.3

Vieri rentorbuy at
Mon Jun 29 15:24:43 CEST 2020

So, I gather that "recv TLS 1.3" does not necessarily mean that the client *requires* TLS 1.3.
Then,"send TLS 1.0" might mean that we offered TLS 1.0 but a cipher the client refused.
There's no way to tell which is the culprit (TLS or cipher suite)?

In freeradius eap I have:

cipher_list = "DEFAULT" 
cipher_server_preference = no

So I guess I'm not being very picky, am I?
Maybe I can be more permissive by changing "DEFAULT" to an explicit list?


More information about the Freeradius-Users mailing list