I am building Freeradius 3.2.2 and Openssl 3.3.0 separately. And for enabling tls 1.0 and legacy ciphers, I configured both of them. *My freeradius eap configuration as shown below* eap { default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no max_sessions = 4096 tls-config tls-common { private_key_password = whatever private_key_file = ${certdir}/server.pem certificate_file = ${certdir}/server.pem ca_file = ${certdir}/ca.pem dh_file = ${certdir}/dh random_file = ${certdir}/random cipher_list = "DEFAULT@SECLEVEL=0" tls_min_version = "1.0" ecdh_curve = "secp256k1:secp384r1:secp521r1:prime256v1:X448:X25519" cache { enable = no lifetime = 24 max_entries = 255 } verify{} } tls { tls = tls-common } } To test the TLSv1.0 authentication, I am using eapol_test as a client which is provided by wpa supplicant (v 2.9). And I have already configured the openssl.cnf file in the client computer as it supports tlsv1.0. *eapol_test configuration file:* network={ phase1="tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=1 peapver=0" ssid="test-ssid" key_mgmt=WPA-EAP eap=TLS identity="testuser" ca_cert="/path/to/ca.pem" client_cert="/path/to/client.pem" private_key="/path/to/client.key" private_key_passwd="clientkeypassword" eapol_flags=3 } Testing with eapol_test is working properly and successfully. But when another hardware device is used as a client with same configured certificates and configurations, I am getting an error as below Debug: (14) eap_tls: (TLS) recv TLS 1.0 Alert, fatal internal_error Debug: (14) eap_tls: (TLS) The client is informing us that there is a failure inside the TLS protocol exchange. ERROR: (14) eap_tls: (TLS) Alert read:fatal:internal error Debug: (14) eap_tls: (TLS) Server : Need to read more data: error ERROR: (14) eap_tls: (TLS) Failed reading from OpenSSL: ssl/record/rec_layer_s3.c[907]:error:0A000438:SSL routines::tlsv1 alert internal error Debug: (14) eap_tls: (TLS) In Handshake Phase Debug: (14) eap_tls: (TLS) Application data. ERROR: (14) eap_tls: (TLS) Cannot continue, as the peer is misbehaving. ERROR: (14) eap_tls: [eaptls process] = fail ERROR: (14) eap: Failed continuing EAP TLS (13) session. EAP sub-module failed Do you have any thoughts about this issue? I know that it is probably about the client side. But any suggestions or thoughts would be great. I have already checked certificates, protocol matches and cipher suites that are provided by client and server side. Thank you. Caglar