On Aug 14, 2018, at 10:34 AM, Norman Elton <normelton@gmail.com> wrote:
Deploying EAP-TLS, I've got the CA and certificate configured on the server, and the client-side certificate on the client. But I'm getting a "Unknown TLS version [length 0002]" message. Debug output below.
You're running v2. I would suggest upgrading.
Is the "[length 0002]" referring to only have two bytes to parse? Is some of the transaction getting lost someplace?
I'm not sure. It's a TLS issue.
To be fair, we have FreeRADIUS deployed on RHEL6, using the RedHat-supplied packages. So far, we've been happy with the stability this provides, but realize that FreeRADIUS 2.2.6 is way outdated.
Yup. You should upgrade to 2.2.10 at least. It also has fixes for TLS 1.2. :) Alan DeKok.