Just a guess. Does the other side support TLSv1.2? https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/sites-avai... P. On Tue, Sep 14, 2021 at 2:12 PM Emile Swarts <emile.swarts123@gmail.com> wrote:
I recently upgraded Alpine from v3.12 to v3.14.
Noticed that Radsec stopped working, and the only error message I get in the server logs is "(0) FAILED in TLS handshake receive". Switching back to v3.12 fixes the issue and the AP is able to establish the Radsec tunnel and do the authentication.
I'm currently looking through all the dependencies that upgraded as part of the OS upgrade but it's difficult to pinpoint which one broke Radsec. Noted that openssl has stayed on the same version.
FreeRadius versions went from: freeradius-lib-3.0.21-r3 freeradius-3.0.21-r3 freeradius-eap-3.0.21-r3
To: freeradius-lib-3.0.23-r0 freeradius-3.0.23-r0 freeradius-eap-3.0.23-r0
The rest of the package upgrades can be found here: https://gist.github.com/emileswarts/fd7d46556eacac096d318170aea7a19d
Does anyone have any pointers on how to narrow down this bug?
Thanks, Emile - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html