On Sat, Jun 18, 2016 at 4:50 PM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
/usr/local/freeradius/sbin/radiusd -v
Is more accurate than using ldd. It calls a version function in OpenSSL to get the version, it doesn't use compile time macros.
Awesome, thanks. FYI, we were able to crack open the iPad logs, and found the following interesting entries: Jun 21 14:15:03 iPad eapolclient[178] <Error>: SecTrustEvaluate [leaf AnchorTrusted] Jun 21 14:15:03 iPad eapolclient[178] <Notice>: [eaptls_plugin.c:291] eaptls_verify_server(): server certificate not trusted status 1001 9807 Jun 21 14:15:03 iPad kernel[0] <Notice>: 000220.437816 wlan0.N[82] AppleBCMWLANCore::setCIPHER_KEY(): [eapolclient]: type = CIPHER_MSK, index = 0, flags = 0x0, key length = 0, key rsc length = 0 Jun 21 14:15:03 iPad eapolclient[178] <Notice>: en0 EAPTLS: authentication failed with status 1001 So, it appears we need to set the iPad to trust my self-signed server certificate, and then it should work.