TLS problem after upgrade to 3.0.23
Matthew Newton
mcn at freeradius.org
Tue Jul 27 12:00:00 CEST 2021
On 27/07/2021 06:08, mohamed almeshal wrote:
> I have a server that run 3.0.21 I do apt-get upgrade by mistake and discover it update the freeradius to 3.0.23-2 now I'm in this stiuation all the the time
>
> (0) (TLS) Initiating new session
> (0) (TLS) Setting verify mode to require certificate from client
> (0) (TLS) Handshake state - before SSL initialization
> (0) (TLS) Handshake state - Server before SSL initialization
> (0) (TLS) Handshake state - Server before SSL initialization
> (0) (TLS) recv TLS 1.3 Handshake, ClientHello
> (0) (TLS) Handshake state - Server SSLv3/TLS read client hello
> (0) (TLS) send TLS 1.2 Handshake, ServerHello
> (0) (TLS) Handshake state - Server SSLv3/TLS write server hello
...
>
> even I used the same config it's keep refuse to handshake what is the solution for that
You've not sent most of the debug output, so this answer is a vague
guess, but check your TLS version config, and especially the cipher_list.
https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/mods-available/eap#L430-L479
--
Matthew
More information about the Freeradius-Users
mailing list