Error with TLS 1.3 - Problem with wpa_supplicant or freeradius?

Alan DeKok aland at
Mon Sep 16 13:20:20 CEST 2019

On Sep 16, 2019, at 5:49 AM, Jan-Frederik Rieckers <rieckers+freeradius-devel at> wrote:
> I'm currently testing freeradius v4 with eduroam and have encountered an
> issue with TLS 1.3:

  We don't recommend most people use v4.  It's not officially released, some things don't work, and the code changes radically from day to day.

  For similar reasons, we don't recommend people use TLS 1.3.  The EAP-TLS specification isn't finished, and neither is the one for EAP-TTLS.

> Since I currently don't have any other TLS1.3 capable radius server to
> test I just wanted to ask: Is this a problem in FreeRADIUS or in
> wpa_supplicant?

  There's a reason no TLS 1.3-capable RADIUS server exists.  The specifications aren't finished.

  If TLS 1.3 works, it's magic.  Wonderful.  If it doesn't work, wait for the standards to be published.

  Alan DeKok.

More information about the Freeradius-Devel mailing list