On Jun 12, 2026, at 1:36 PM, Hector Rodriguez via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
It seems that I fixed my issue with EAP-TLS after the new update. In the code below you will see : "configurable_client_cert = yes" and "EAP-TLS-Require-Client-Cert = yes" . If both are enabled and set to yes, it would cause conflict. It seems that I had to comment out "configurable_client_cert = yes" in order for EAP-TLS to work correctly. Based on the comment, it seems that both "configurable_client_cert = yes" and "EAP-TLS-Require-Client-Cert = yes" should work together, but it does not. I hope that the change I made is the correct one, which makes the server require a client cert.
It should be fine. This change is odd, tho. We had checked it, and didn't see any issues. The main problem is that the OpenSSL APIs are not at all clear. This makes it difficult to add or change anything without those updates having a side effect. Alan DeKok.