Missing SSL Change Cipher Spec in EAP-TLS withClientCertificate verify failed

Alan DeKok aland at deployingradius.com
Sat Jul 9 09:27:17 CEST 2011

yuqiang wrote:
>       I should sum up my problems as followed.According to RFC 5216
> strictly(Fig 1),when the server verified a certificate valid,it should
> return a packet with * (TLS change_cipher_spec,  TLS finished),**and the
> client is waiting for the packet then return (EAP-Response).But please
> see the log(Fig 2),the server return *(TLS Alert
> message)  packet  directly lacking the up step.So i think the freeradius
> is not as required by the specifications,is that right?

  You have a number of problems:

1) FreeRADIUS doesn't implement SSL.  That's done by OpenSSL

2) OpenSSL questions belong on the OpenSSL list not here

3) repeatedly posting the same message is ignorant and rude

4) repeatedly ignoring the responses on this list is ignorant and rude

5) this is your last warning

  If you keep posting nonsense, you will be unsubscribed and banned.

  Alan DeKok.

More information about the Freeradius-Devel mailing list