Hi,
(1) eap_ttls: <<< recv TLS 1.2 [length 002d] (1) eap_ttls: >>> send TLS 1.0 Alert [length 0002], fatal handshake_failure (1) eap_ttls: ERROR: TLS Alert write:fatal:handshake failure tls: TLS_accept: Error in error (1) eap_ttls: ERROR: Failed in __FUNCTION__ (SSL_read): error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher
"No shared cipher" is pretty definitive: server and client have no encrpytion cipher in common, so they can't continue the conversation. It looks like the client tries - and insists - on TLS 1.2 (with its recent ciphers) while the server only offers 1.0 (with its... still somewhat contemporary ciphers). If my reading above is correct, you'd have to upgrade the server to a version that support TLS 1.2 (or just turn it on if you do have a capable version but turned it off deliberately). Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 2, avenue de l'Université L-4365 Esch-sur-Alzette Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66