10 Jun
2021
10 Jun
'21
2:59 p.m.
On Jun 10, 2021, at 2:57 PM, James Ko <jim.list@hotmail.com> wrote:
In a TLS handshake the Server Certificate Request contains 3 types RSA Sign, DSS Sign, and ECDSA Sign along with 20 Signature Hash Algorithms.
Is it possible to configure freeradius to allow only ECDSA and one Hash Algorithm, or is this dictated by openssl/libopenssl reporting supported types.
See "cipher_list" in mods-enabled/eap. The string contents are passed directly to OpenSSL. See the OpenSSL documentation for what names to use, and how to format them. Alan DeKok.