help seeing more debugging EAP-TTLS handshake

A.L.M.Buxey at A.L.M.Buxey at
Thu Sep 24 16:38:47 CEST 2015

> There's some good advice here:

yep....unfortunately its scoped to just the certificate...which is a start... the next
part should be the EAP/TLS stuff - TLS 1.2 support, ciphers to use.... if you are using
a Diffie-Hellman useing method then ensure your DH key is at least 1024 bit  etc etc

...then we go down into the rabbit hole of what clients DONT support TLS 1.2 and prevent
you from scoping the cipher list to JUST TLS 1.2 methods  ;-)


More information about the Freeradius-Users mailing list