4 Dec
2017
4 Dec
'17
9:12 a.m.
On Dec 4, 2017, at 8:49 AM, Sumant Gupta <sumantgupta@gmail.com> wrote:
I am setting the value as ECDHE-ECDSA-AES128-CCM8 Where to mention it as SHA256 and not SHA1.
See the OpenSSL documentation. The "cipher_list" configuration item is passed directly to OpenSSL.
Since in server hello it is sending as SHA1. Following is the cipher suite id intended to be used.
You've already said that... FreeRADIUS doesn't implement SSL / TLS. It uses OpenSSL. So if there's an issue with SSL negotiation, you have to fix OpenSSL. All of the relevant configuration for OpenSSL *is* exposed and documented in the "eap" module configuration. Alan DeKok.