29 Jun
2026
29 Jun
'26
7:56 p.m.
Hi there, Recently I upgraded from freeradius 3.0.26 (with openssl 3.0.20) to 3.2.7/3.2.8, (with openssl 3.5.0), and I noticed that the server does not send the full certificate chain to the EAP client anymore. The server certificate has a chained structure like cert->intermediate CA2->intermediate CA1->root CA, and I am relying on the auto_chain and the ca_path to construct the chain on the freeradius side. Now it only sends the server_certificate + intermediate CA2, but previously it sent all *four* certificates. Is this a known issue? Regards, Dave