Hi, With FR 3.2.1, ubuntu 20.04, I can't bind to LDAP server using an old TLS 1.0 version. With TLS section parameters in ldap.conf : tls { start_tls = no ca_file = "/etc/freeradius/ca_cert_hosting/12126560.pem" require_cert = demand tls_min_version = "1.0" cipher_list = "DEFAULT@SECLEVEL=1" } I have in debug log for this LDAP server : # Loaded module rlm_ldap ... tls { ca_file = "/etc/freeradius/ca_cert_hosting/12126560.pem" tls_min_version = "1.0" start_tls = no require_cert = "demand" } And the error when trying to bind : TLS: can't connect: (unknown error code). It seems that 'cipher_list' parameter has disappeared in the debug log, is this parameter supported in ldap.conf ? If not, how can I bind and check certificate ('demand' or 'hard' option) to a TLS 1.0 LDAP server ? Regards, Arnaud