Failed in SSLv3 read client certificate A

Michael Martinez mwtzzz at gmail.com
Sat Jun 18 20:00:02 CEST 2016


On Fri, Jun 17, 2016 at 1:26 PM, Alan DeKok <aland at deployingradius.com> wrote:
>
>> On Jun 17, 2016, at 4:23 PM, Michael Martinez <mwtzzz at gmail.com> wrote:
>>
>> We really need to get this working. We're stumped on it. Anybody have
>> any thoughts?
>
>   Set disable_tlsv1_2 in the EAP module.

Maybe slightly off-topic, but how do I find which ssl library my
freeradius server is compiled with? I do:
root at 2-rpi:/usr/local/freeradius/etc/raddb# ldd
/usr/local/freeradius/sbin/radiusd
        /usr/lib/arm-linux-gnueabihf/libcofi_rpi.so (0xb6f7e000)
        libfreeradius-server.so =>
/usr/local/freeradius/lib/libfreeradius-server.so (0xb6f4e000)
           .....<snip>

But nothing about ssl libraries shows up there.

I do: strings /usr/local/freeradius/sbin/radiusd | grep -iE "openssl.*1"
and I see a lot of references to openssl 1.0.2.f:
Diffie-Hellman part of OpenSSL 1.0.2f  28 Jan 2016

so, pretty clear it's compiled against 1.0.2.f. But out of curiosity
is there a way to definitely find out?

And, it seems "disable_tlsv1_2" was added as a way to get around some
problems with older versions of openssl. But will it actually help in
my case?


More information about the Freeradius-Users mailing list